QOM names currently don't have any enforced naming rules. This
can be problematic, e.g. when they are used on the command line
for the "-device" option (where the comma is used to separate
properties). To avoid that such problematic type names come in
again, let's restrict the set of acceptable characters during the
type registration.
Ideally, we'd apply here the same rules as for QAPI, i.e. all type
names should begin with a letter, and contain only ASCII letters,
digits, hyphen, and underscore. However, we already have so many
pre-existing types like:
486-x86_64-cpu
cfi.pflash01
power5+_v2.1-spapr-cpu-core
virt-2.6-machine::hotplug-handler
aspeed.i2c.slave::vmstate-if
pc-i440fx-3.0-machine::nmi
... so that we have to allow ".", ":" and "+" for now, too, and
we unfortunately even cannot enforce the rule that names must start
with a letter yet. Still, having at least some rules enforced here
should be way better than nothing.
Signed-off-by: Thomas Huth <th...@redhat.com>
---
qom/object.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/qom/object.c b/qom/object.c
index 95c0dc8285..8ff85e0239 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -101,6 +101,20 @@ static TypeImpl *type_table_lookup(const char *name)
return g_hash_table_lookup(type_table_get(), name);
}
+static bool type_name_is_valid(const char *name)
+{
+ const int slen = strlen(name);
+
+ for (int i = 0; i < slen; i++) {
+ if (!g_ascii_isalnum (name[i]) && name[i] != '-' && name[i] != '_' &&
+ name[i] != '.' && name[i] != ':' && name[i] != '+') {
+ return false;
+ }
+ }
+
+ return true;
+}
+
static TypeImpl *type_new(const TypeInfo *info)
{
TypeImpl *ti = g_malloc0(sizeof(*ti));
@@ -113,6 +127,11 @@ static TypeImpl *type_new(const TypeInfo *info)
abort();
}
+ if (!type_name_is_valid(info->name)) {
+ fprintf(stderr, "Registering `%s' with illegal type name\n",
info->name);
+ abort();
+ }
+
ti->name = g_strdup(info->name);
ti->parent = g_strdup(info->parent);
--
2.41.0
