From 8c59707cba3bb889ed71afbf9ecd70b29ea81ccf Mon Sep 17 00:00:00 2001 From: "Joshua M. Boniface" Date: Fri, 24 Jan 2020 13:17:48 -0500 Subject: [PATCH] Prevent writing invalid XML to config --- client-api/api_lib/pvcapi_helper.py | 18 ++++++++++++++++-- client-cli/pvc.py | 18 ++++++++++++++++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/client-api/api_lib/pvcapi_helper.py b/client-api/api_lib/pvcapi_helper.py index d78406ab..8e1e1843 100755 --- a/client-api/api_lib/pvcapi_helper.py +++ b/client-api/api_lib/pvcapi_helper.py @@ -22,6 +22,7 @@ import flask import json +import lxml.etree as etree from distutils.util import strtobool @@ -422,8 +423,15 @@ def vm_define(xml, node, limit, selector, autostart): """ Define a VM from Libvirt XML in the PVC cluster. """ + # Verify our XML is sensible + try: + xml_data = etree.fromstring(xml) + new_cfg = etree.tostring(xml_data, pretty_print=True).decode('utf8') + except Exception as e: + return {'message': 'Error: XML is malformed or incorrect: {}'.format(e)}, 400 + zk_conn = pvc_common.startZKConnection(config['coordinators']) - retflag, retdata = pvc_vm.define_vm(zk_conn, xml, node, limit, selector, autostart, profile=None) + retflag, retdata = pvc_vm.define_vm(zk_conn, new_cfg, node, limit, selector, autostart, profile=None) pvc_common.stopZKConnection(zk_conn) if retflag: @@ -492,8 +500,14 @@ def vm_modify(name, restart, xml): """ Modify a VM Libvirt XML in the PVC cluster. """ + # Verify our XML is sensible + try: + xml_data = etree.fromstring(xml) + new_cfg = etree.tostring(xml_data, pretty_print=True).decode('utf8') + except Exception as e: + return {'message': 'Error: XML is malformed or incorrect: {}'.format(e)}, 400 zk_conn = pvc_common.startZKConnection(config['coordinators']) - retflag, retdata = pvc_vm.modify_vm(zk_conn, name, restart, xml) + retflag, retdata = pvc_vm.modify_vm(zk_conn, name, restart, new_cfg) pvc_common.stopZKConnection(zk_conn) if retflag: diff --git a/client-cli/pvc.py b/client-cli/pvc.py index aca81a4b..2e213dd1 100755 --- a/client-cli/pvc.py +++ b/client-cli/pvc.py @@ -521,7 +521,14 @@ def vm_define(vmconfig, target_node, node_limit, node_selector, node_autostart): vmconfig_data = vmconfig.read() vmconfig.close() - retcode, retmsg = pvc_vm.define_vm(config, vmconfig_data, target_node, node_limit, node_selector, node_autostart) + # Verify our XML is sensible + try: + xml_data = etree.fromstring(vmconfig_data) + new_cfg = etree.tostring(xml_data, pretty_print=True).decode('utf8') + except: + cleanup(False, 'Error: XML is malformed or invalid') + + retcode, retmsg = pvc_vm.define_vm(config, new_cfg, target_node, node_limit, node_selector, node_autostart) cleanup(retcode, retmsg) ############################################################################### @@ -634,7 +641,14 @@ def vm_modify(domain, cfgfile, editor, restart): else: click.echo('Replacing configuration of VM "{}" with file "{}".'.format(dom_name, cfgfile.name)) - retcode, retmsg = pvc_vm.vm_modify(config, domain, new_vm_cfgfile, restart) + # Verify our XML is sensible + try: + xml_data = etree.fromstring(new_vm_cfgfile) + new_cfg = etree.tostring(xml_data, pretty_print=True).decode('utf8') + except Exception as e: + cleanup(False, 'Error: XML is malformed or invalid: {}'.format(e)) + + retcode, retmsg = pvc_vm.vm_modify(config, domain, new_cfg, restart) cleanup(retcode, retmsg) ###############################################################################