[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] ioctl_store: Extract path checking to its own function

  • To: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx>, "win-pv-devel@xxxxxxxxxxxxxxxxxxxx" <win-pv-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Owen Smith <owen.smith@xxxxxxxxxx>
  • Date: Thu, 25 Jun 2026 13:49:01 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NRBRvf7shCOwq+oTz0KmLHVvzykdvti2B9tLvK3tPGQ=; b=cKzzPV/D+vOu/wokvzSNOqH4wIHu0Kk8KYy5rn2zQ2g8F+0RgVg09pYfVx+NdMYIb7HFDHvy7PLgDXGXegn9tzSLx/xRiw/DtosWcoMwkt524wOrfcoYTnj+0V06I8I6Eca+x6BYwFemhqf1+4sd7+wtt76fC08bC71Wu025yNCc3L5Y30lAPkApkwL959jHTmZTnPazsm5wtIPFsLBoZL2yiyfuqAAM0C8zIM4bTQtFTalaH43/CDFvzfcN0pBJGLxIDsfIxPfXAb+zma+yi3KwJ27Cs2LewoJ2F08AQv+FwtE5f2Njcf/Yr6gejqF3500g0y9CGwFIlElDlzTkaw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Vw6HIuB0vf7bdmkzEq9i9BFG1CDaOM/WSSiSpaBEi97cq2brWv+lthutikr6euNq/DVsYloeB8SiJZfFoHNvrZDufgpOZF23qiLurYFcyU3UpocesDlGZSbvKRafk5xcqRO8iP+5qkAvuqOlJ2fT1WZGlEMGNQkymdRkjoT4UAfZK2BWvZmFSUE+HUm6hRFxblpd7wF5sKqa6WqLhZRmwq4Fwv4437qjU1J0dw5bZmmXZ4FUR4yHk67vPShLk6TWBT8OMNJndHZXbv3ze0lKOC7Z8K22L7vLFEJedwV9yP00Iy4PhOhbCS8IFdCUg2dQ9qyDV2QwZsLvDN4YuLDATw==
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=citrix.com header.i="@citrix.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:x-ms-exchange-senderadcheck"
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Delivery-date: Thu, 25 Jun 2026 13:49:22 +0000
  • List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>
  • Msip_labels:
  • Thread-index: AQHdBH4osl8tyR+olE2xcrh7dwkozbZPScJM
  • Thread-topic: [PATCH 2/2] ioctl_store: Extract path checking to its own function
Reviewed-by: Owen Smith <owen.smith@xxxxxxxxxx>

________________________________________
From: win-pv-devel <win-pv-devel-bounces@xxxxxxxxxxxxxxxxxxxx> on behalf of Tu 
Dinh <ngoc-tu.dinh@xxxxxxxxxx>
Sent: 25 June 2026 9:39 AM
To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx
Cc: Tu Dinh
Subject: [PATCH 2/2] ioctl_store: Extract path checking to its own function

xenstore.txt specifies that "The permitted character for paths set is
ASCII alphanumerics and plus the four punctuation characters -/_@
(hyphen slash underscore atsign). @ should be avoided except to specify
special watches."

Create __IsValidPath to check for the above criteria specifically.

Since the '@' character is used for special watches, it is forbidden in
__IsValidPath at the moment.

Signed-off-by: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx>
---
 src/xeniface/ioctl_store.c | 31 +++++++++++++++++++++++++------
 1 file changed, 25 insertions(+), 6 deletions(-)

diff --git a/src/xeniface/ioctl_store.c b/src/xeniface/ioctl_store.c
index 2ac96af..bc27b8b 100644
--- a/src/xeniface/ioctl_store.c
+++ b/src/xeniface/ioctl_store.c
@@ -40,6 +40,25 @@
 #define XENSTORE_ABS_PATH_MAX 3072
 #define XENSTORE_REL_PATH_MAX 2048

+static FORCEINLINE
+BOOLEAN
+__IsValidPath(
+    __in  PCHAR             Str,
+    __in  ULONG             Len
+    )
+{
+    for ( ; Len--; ++Str) {
+        if (*Str == '\0')
+            return TRUE;
+        if (*Str != '-' &&
+            *Str != '/' &&
+            *Str != '_' &&
+            !isalnum((unsigned char)*Str))
+            break;
+    }
+    return FALSE;
+}
+
 static FORCEINLINE
 BOOLEAN
 __IsValidStr(
@@ -110,7 +129,7 @@ IoctlStoreRead(
         goto fail1;

     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Buffer, InLen))
+    if (!__IsValidPath(Buffer, InLen))
         goto fail2;

     status = XENBUS_STORE(Read, &Fdo->StoreInterface, NULL, NULL, Buffer, 
&Value);
@@ -178,7 +197,7 @@ IoctlStoreWrite(
         goto fail1;

     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Buffer, InLen))
+    if (!__IsValidPath(Buffer, InLen))
         goto fail2;

     Length = (ULONG)strlen(Buffer) + 1;
@@ -226,7 +245,7 @@ IoctlStoreDirectory(
         goto fail1;

     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Buffer, InLen))
+    if (!__IsValidPath(Buffer, InLen))
         goto fail2;

     status = XENBUS_STORE(Directory, &Fdo->StoreInterface, NULL, NULL, Buffer, 
&Value);
@@ -295,7 +314,7 @@ IoctlStoreRemove(
         goto fail1;

     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Buffer, InLen))
+    if (!__IsValidPath(Buffer, InLen))
         goto fail2;

     status = XENBUS_STORE(Remove, &Fdo->StoreInterface, NULL, NULL, Buffer);
@@ -417,7 +436,7 @@ IoctlStoreSetPermissions(

     Path[In->PathLength - 1] = 0;
     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Path, In->PathLength))
+    if (!__IsValidPath(Path, In->PathLength))
         goto fail6;

     Trace("> Path '%s', NumberPermissions %lu\n", Path, In->NumberPermissions);
@@ -534,7 +553,7 @@ IoctlStoreAddWatch(

     Path[In->PathLength - 1] = 0;
     status = STATUS_INVALID_PARAMETER;
-    if (!__IsValidStr(Path, In->PathLength))
+    if (!__IsValidPath(Path, In->PathLength))
         goto fail4;

     status = STATUS_NO_MEMORY;
--
2.54.0.windows.1



--
Ngoc Tu Dinh | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.