[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 3/3] libxl: config parser: print warning for apparent arbitrary python



The characters - + . ( ) : are not legal in xl config files but are
valid Python and use of at least one of them is almost essential for
writing arbitrary Python in the config file.

So if we see one of these during lexing, note it, and then after the
parse is complete if it failed we print a special extra warning.

Currently this warning refers to the nonexistent wiki page
  http://wiki.xen.org/xenwiki/PythonInXlConfig
which will have to be written (and/or given a better name) before the
actual 4.1 release.

Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
---
 tools/libxl/libxlu_cfg.c      |    9 +++
 tools/libxl/libxlu_cfg_i.h    |    2 +
 tools/libxl/libxlu_cfg_l.c    |  129 ++++++++++++++++++++++-------------------
 tools/libxl/libxlu_cfg_l.h    |    2 +-
 tools/libxl/libxlu_cfg_l.l    |    6 ++
 tools/libxl/libxlu_internal.h |    2 +-
 6 files changed, 89 insertions(+), 61 deletions(-)

diff --git a/tools/libxl/libxlu_cfg.c b/tools/libxl/libxlu_cfg.c
index 821b8c0..663fdf9 100644
--- a/tools/libxl/libxlu_cfg.c
+++ b/tools/libxl/libxlu_cfg.c
@@ -24,6 +24,7 @@ static int ctx_prep(CfgParseContext *ctx, XLU_Config *cfg) {
     ctx->cfg= cfg;
     ctx->err= 0;
     ctx->lexerrlineno= -1;
+    ctx->likely_python= 0;
     ctx->scanner= 0;
     
     e= xlu__cfg_yylex_init_extra(ctx, &ctx->scanner);
@@ -44,6 +45,14 @@ static void parse(CfgParseContext *ctx) {
     int r;
     r= xlu__cfg_yyparse(ctx);
     if (r) assert(ctx->err);
+
+    if (ctx->err && ctx->likely_python) {
+        fputs(
+ "warning: Config file looks like it contains Python code.\n"
+ "warning:  Arbitrary Python is no longer supported.\n"
+ "warning:  See http://wiki.xen.org/xenwiki/PythonInXlConfig\n";,
+              ctx->cfg->report);
+    }
 }
 
 int xlu_cfg_readfile(XLU_Config *cfg, const char *real_filename) {
diff --git a/tools/libxl/libxlu_cfg_i.h b/tools/libxl/libxlu_cfg_i.h
index f6b241c..88d2a02 100644
--- a/tools/libxl/libxlu_cfg_i.h
+++ b/tools/libxl/libxlu_cfg_i.h
@@ -16,6 +16,8 @@ char *xlu__cfgl_dequote(CfgParseContext*, const char *src);
 void xlu__cfg_yyerror(YYLTYPE *locp, CfgParseContext*, char const *msg);
 void xlu__cfgl_lexicalerror(CfgParseContext*, char const *msg);
 
+void xlu__cfgl_likely_python(CfgParseContext *ctx);
+
 
 
 /* Why oh why does bison not declare this in its autogenerated .h ? */
diff --git a/tools/libxl/libxlu_cfg_l.c b/tools/libxl/libxlu_cfg_l.c
index 917a156..e063461 100644
--- a/tools/libxl/libxlu_cfg_l.c
+++ b/tools/libxl/libxlu_cfg_l.c
@@ -370,8 +370,8 @@ static void yy_fatal_error (yyconst char msg[] ,yyscan_t 
yyscanner );
        *yy_cp = '\0'; \
        yyg->yy_c_buf_p = yy_cp;
 
-#define YY_NUM_RULES 15
-#define YY_END_OF_BUFFER 16
+#define YY_NUM_RULES 16
+#define YY_END_OF_BUFFER 17
 /* This struct is not used in this scanner,
    but its presence is necessary. */
 struct yy_trans_info
@@ -379,12 +379,12 @@ struct yy_trans_info
        flex_int32_t yy_verify;
        flex_int32_t yy_nxt;
        };
-static yyconst flex_int16_t yy_accept[34] =
+static yyconst flex_int16_t yy_accept[35] =
     {   0,
-        0,    0,   13,   13,   16,   12,    3,    9,   12,   12,
-       12,    4,    2,    8,    7,    5,    6,    1,   13,   13,
-       14,    0,   11,    0,    0,    9,    0,   10,    0,    2,
-        1,   13,    0
+        0,    0,   14,   14,   17,   13,    3,    9,   13,   13,
+       13,   12,    4,    2,    8,    7,    5,    6,    1,   14,
+       14,   15,    0,   11,    0,    0,    9,    0,   10,    0,
+        2,    1,   14,    0
     } ;
 
 static yyconst flex_int32_t yy_ec[256] =
@@ -392,17 +392,17 @@ static yyconst flex_int32_t yy_ec[256] =
         1,    1,    1,    1,    1,    1,    1,    1,    2,    3,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    2,    1,    4,    5,    1,    1,    1,    6,    1,
-        1,    1,    1,    7,    1,    1,    1,    8,    8,    8,
-        8,    8,    8,    8,    8,    8,    8,    1,    9,    1,
-       10,    1,    1,    1,    1,    1,    1,    1,    1,    1,
+        1,    2,    1,    4,    5,    1,    1,    1,    6,    7,
+        7,    1,    7,    8,    7,    7,    1,    9,    9,    9,
+        9,    9,    9,    9,    9,    9,    9,    7,   10,    1,
+       11,    1,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-       11,   12,   13,    1,   14,    1,   15,   15,   15,   15,
+       12,   13,   14,    1,   15,    1,   16,   16,   16,   16,
 
-       15,   15,   16,   16,   16,   16,   16,   16,   16,   16,
-       16,   16,   16,   16,   16,   16,   16,   16,   16,   15,
-       16,   16,    1,    1,    1,    1,    1,    1,    1,    1,
+       16,   16,   17,   17,   17,   17,   17,   17,   17,   17,
+       17,   17,   17,   17,   17,   17,   17,   17,   17,   16,
+       17,   17,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
@@ -419,54 +419,56 @@ static yyconst flex_int32_t yy_ec[256] =
         1,    1,    1,    1,    1
     } ;
 
-static yyconst flex_int32_t yy_meta[17] =
+static yyconst flex_int32_t yy_meta[18] =
     {   0,
-        1,    2,    3,    1,    1,    1,    1,    4,    1,    1,
-        1,    1,    1,    4,    4,    4
+        1,    2,    3,    1,    1,    1,    1,    1,    4,    1,
+        1,    1,    1,    1,    4,    4,    4
     } ;
 
-static yyconst flex_int16_t yy_base[40] =
+static yyconst flex_int16_t yy_base[41] =
     {   0,
-        0,    0,   15,   17,   51,   54,   54,   54,   17,   45,
-       16,   54,   15,   54,   54,   54,   54,    0,    0,   54,
-       54,   20,   54,    0,   37,   54,   19,   54,    0,   18,
-        0,    0,   54,   33,   37,   41,   45,   23,   49
+        0,    0,   16,   18,   50,   56,   56,   56,   18,   39,
+       17,   56,   56,   16,   56,   56,   56,   56,    0,    0,
+       56,   56,   20,   56,    0,   26,   56,   21,   56,    0,
+       19,    0,    0,   56,   35,   39,   43,   47,   22,   51
     } ;
 
-static yyconst flex_int16_t yy_def[40] =
+static yyconst flex_int16_t yy_def[41] =
     {   0,
-       33,    1,   34,   34,   33,   33,   33,   33,   35,   36,
-       37,   33,   33,   33,   33,   33,   33,   38,   39,   33,
-       33,   35,   33,   35,   36,   33,   37,   33,   37,   33,
-       38,   39,    0,   33,   33,   33,   33,   33,   33
+       34,    1,   35,   35,   34,   34,   34,   34,   36,   37,
+       38,   34,   34,   34,   34,   34,   34,   34,   39,   40,
+       34,   34,   36,   34,   36,   37,   34,   38,   34,   38,
+       34,   39,   40,    0,   34,   34,   34,   34,   34,   34
     } ;
 
-static yyconst flex_int16_t yy_nxt[71] =
+static yyconst flex_int16_t yy_nxt[74] =
     {   0,
         6,    7,    8,    9,   10,   11,   12,   13,   14,   15,
-       16,    6,   17,    6,   18,   18,   20,   21,   20,   21,
-       23,   28,   30,   23,   28,   30,   31,   29,   24,   30,
-       29,   24,   30,   19,   19,   19,   19,   22,   22,   26,
-       22,   25,   25,   25,   25,   27,   27,   26,   27,   32,
-       33,   33,   32,    5,   33,   33,   33,   33,   33,   33,
-       33,   33,   33,   33,   33,   33,   33,   33,   33,   33
+       16,   17,    6,   18,    6,   19,   19,   21,   22,   21,
+       22,   24,   29,   24,   31,   32,   29,   31,   27,   30,
+       25,   31,   25,   30,   31,   20,   20,   20,   20,   23,
+       23,   27,   23,   26,   26,   26,   26,   28,   28,   34,
+       28,   33,   34,   34,   33,    5,   34,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   34,   34
     } ;
 
-static yyconst flex_int16_t yy_chk[71] =
+static yyconst flex_int16_t yy_chk[74] =
     {   0,
         1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    3,    3,    4,    4,
-        9,   11,   13,   22,   27,   30,   38,   11,    9,   13,
-       27,   22,   30,   34,   34,   34,   34,   35,   35,   25,
-       35,   36,   36,   36,   36,   37,   37,   10,   37,   39,
-        5,    0,   39,   33,   33,   33,   33,   33,   33,   33,
-       33,   33,   33,   33,   33,   33,   33,   33,   33,   33
+        1,    1,    1,    1,    1,    1,    1,    3,    3,    4,
+        4,    9,   11,   23,   14,   39,   28,   31,   26,   11,
+        9,   14,   23,   28,   31,   35,   35,   35,   35,   36,
+       36,   10,   36,   37,   37,   37,   37,   38,   38,    5,
+       38,   40,    0,    0,   40,   34,   34,   34,   34,   34,
+       34,   34,   34,   34,   34,   34,   34,   34,   34,   34,
+       34,   34,   34
     } ;
 
 /* Table of booleans, true if rule could match eol. */
-static yyconst flex_int32_t yy_rule_can_match_eol[16] =
+static yyconst flex_int32_t yy_rule_can_match_eol[17] =
     {   0,
-0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0,     };
+0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0,     };
 
 /* The intent behind this definition is that it'll catch
  * any uses of REJECT which flex missed.
@@ -496,7 +498,7 @@ int xlu__cfg_yyget_column(yyscan_t yyscanner);
 void xlu__cfg_yyset_column(int  column_no, yyscan_t yyscanner);
 
 
-#line 500 "libxlu_cfg_l.c"
+#line 502 "libxlu_cfg_l.c"
 
 #define INITIAL 0
 #define lexerr 1
@@ -744,7 +746,7 @@ YY_DECL
 #line 37 "libxlu_cfg_l.l"
 
 
-#line 748 "libxlu_cfg_l.c"
+#line 750 "libxlu_cfg_l.c"
 
     yylval = yylval_param;
 
@@ -807,13 +809,13 @@ yy_match:
                        while ( yy_chk[yy_base[yy_current_state] + yy_c] != 
yy_current_state )
                                {
                                yy_current_state = (int) 
yy_def[yy_current_state];
-                               if ( yy_current_state >= 34 )
+                               if ( yy_current_state >= 35 )
                                        yy_c = yy_meta[(unsigned int) yy_c];
                                }
                        yy_current_state = yy_nxt[yy_base[yy_current_state] + 
(unsigned int) yy_c];
                        ++yy_cp;
                        }
-               while ( yy_current_state != 33 );
+               while ( yy_current_state != 34 );
                yy_cp = yyg->yy_last_accepting_cpos;
                yy_current_state = yyg->yy_last_accepting_state;
 
@@ -917,34 +919,43 @@ case 12:
 YY_RULE_SETUP
 #line 67 "libxlu_cfg_l.l"
 {
+                          ctx->likely_python= 1;
                           BEGIN(lexerr);
                           yymore();
                         }
        YY_BREAK
 case 13:
 YY_RULE_SETUP
-#line 72 "libxlu_cfg_l.l"
+#line 73 "libxlu_cfg_l.l"
+{
+                          BEGIN(lexerr);
+                          yymore();
+                        }
+       YY_BREAK
+case 14:
+YY_RULE_SETUP
+#line 78 "libxlu_cfg_l.l"
 {
                           xlu__cfgl_lexicalerror(ctx,"lexical error");
                           BEGIN(0);
                         }
        YY_BREAK
-case 14:
-/* rule 14 can match eol */
+case 15:
+/* rule 15 can match eol */
 YY_RULE_SETUP
-#line 77 "libxlu_cfg_l.l"
+#line 83 "libxlu_cfg_l.l"
 {
                           xlu__cfgl_lexicalerror(ctx,"lexical error");
                           BEGIN(0);
                           GOT(NEWLINE);
                         }
        YY_BREAK
-case 15:
+case 16:
 YY_RULE_SETUP
-#line 82 "libxlu_cfg_l.l"
+#line 88 "libxlu_cfg_l.l"
 YY_FATAL_ERROR( "flex scanner jammed" );
        YY_BREAK
-#line 948 "libxlu_cfg_l.c"
+#line 959 "libxlu_cfg_l.c"
 case YY_STATE_EOF(INITIAL):
 case YY_STATE_EOF(lexerr):
        yyterminate();
@@ -1240,7 +1251,7 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
                while ( yy_chk[yy_base[yy_current_state] + yy_c] != 
yy_current_state )
                        {
                        yy_current_state = (int) yy_def[yy_current_state];
-                       if ( yy_current_state >= 34 )
+                       if ( yy_current_state >= 35 )
                                yy_c = yy_meta[(unsigned int) yy_c];
                        }
                yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned 
int) yy_c];
@@ -1269,11 +1280,11 @@ static int yy_get_next_buffer (yyscan_t yyscanner)
        while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
                {
                yy_current_state = (int) yy_def[yy_current_state];
-               if ( yy_current_state >= 34 )
+               if ( yy_current_state >= 35 )
                        yy_c = yy_meta[(unsigned int) yy_c];
                }
        yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) 
yy_c];
-       yy_is_jam = (yy_current_state == 33);
+       yy_is_jam = (yy_current_state == 34);
 
        return yy_is_jam ? 0 : yy_current_state;
 }
@@ -2094,4 +2105,4 @@ void xlu__cfg_yyfree (void * ptr , yyscan_t yyscanner)
 
 #define YYTABLES_NAME "yytables"
 
-#line 82 "libxlu_cfg_l.l"
+#line 88 "libxlu_cfg_l.l"
diff --git a/tools/libxl/libxlu_cfg_l.h b/tools/libxl/libxlu_cfg_l.h
index 26f6dd6..02a0803 100644
--- a/tools/libxl/libxlu_cfg_l.h
+++ b/tools/libxl/libxlu_cfg_l.h
@@ -350,7 +350,7 @@ extern int xlu__cfg_yylex \
 #undef YY_DECL
 #endif
 
-#line 82 "libxlu_cfg_l.l"
+#line 88 "libxlu_cfg_l.l"
 
 #line 356 "libxlu_cfg_l.h"
 #undef xlu__cfg_yyIN_HEADER
diff --git a/tools/libxl/libxlu_cfg_l.l b/tools/libxl/libxlu_cfg_l.l
index ac6b011..21c11ff 100644
--- a/tools/libxl/libxlu_cfg_l.l
+++ b/tools/libxl/libxlu_cfg_l.l
@@ -64,6 +64,12 @@ void xlu__cfg_yyset_column(int  column_no, yyscan_t 
yyscanner);
                           GOT(STRING);
                         }
 
+[+-.():]                {
+                          ctx->likely_python= 1;
+                          BEGIN(lexerr);
+                          yymore();
+                        }
+
 .                       {
                           BEGIN(lexerr);
                           yymore();
diff --git a/tools/libxl/libxlu_internal.h b/tools/libxl/libxlu_internal.h
index fd7addc..e251a63 100644
--- a/tools/libxl/libxlu_internal.h
+++ b/tools/libxl/libxlu_internal.h
@@ -41,7 +41,7 @@ struct XLU_Config {
 
 typedef struct {
     XLU_Config *cfg;
-    int err, lexerrlineno;
+    int err, lexerrlineno, likely_python;
     void *scanner;
 } CfgParseContext;
 
-- 
1.5.6.5


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.