all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name
@ 2025-05-21 12:15 Fiona Ebner
  2025-05-22  5:51 ` Thomas Lamprecht
  2025-05-26 14:23 ` [pve-devel] superseded: " Fiona Ebner
  0 siblings, 2 replies; 4+ messages in thread
From: Fiona Ebner @ 2025-05-21 12:15 UTC (permalink / raw)
  To: pve-devel

A pool with ID '0' can be added, but not parsed, because it will
evaluate to false in parse_user_config():

> if (!verify_poolname($pool, 1)) {
>     warn "user config - ignore pool '$pool' - invalid characters in pool name\n";
>     next;
> }

It's likely that it would cause other issues as well if properly
handled there, so prohibit it in the schema.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 src/PVE/AccessControl.pm | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 1c79656..224aeee 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1327,6 +1327,11 @@ sub verify_poolname {
 	return undef;
     }
 
+    if ($poolname eq '0') {
+	die "invalid pool name '$poolname'\n" if !$noerr;
+	return undef;
+    }
+
     # also adapt check_path above if changed!
     if ($poolname !~ m!^[A-Za-z0-9\.\-_]+(?:/[A-Za-z0-9\.\-_]+){0,2}$!) {
 	die "pool name '$poolname' contains invalid characters\n" if !$noerr;
-- 
2.39.5



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name
  2025-05-21 12:15 [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name Fiona Ebner
@ 2025-05-22  5:51 ` Thomas Lamprecht
  2025-05-22  6:19   ` Thomas Lamprecht
  2025-05-26 14:23 ` [pve-devel] superseded: " Fiona Ebner
  1 sibling, 1 reply; 4+ messages in thread
From: Thomas Lamprecht @ 2025-05-22  5:51 UTC (permalink / raw)
  To: Proxmox VE development discussion, Fiona Ebner

Am 21.05.25 um 14:15 schrieb Fiona Ebner:
> A pool with ID '0' can be added, but not parsed, because it will
> evaluate to false in parse_user_config():
> 
>> if (!verify_poolname($pool, 1)) {
>>     warn "user config - ignore pool '$pool' - invalid characters in pool name\n";
>>     next;
>> }
> 
> It's likely that it would cause other issues as well if properly
> handled there, so prohibit it in the schema.

Would be all bugs then though, and odd if I can use "1" or "2" but not "0".

IMO we better fix this for real or disallow all digits for the first character
on pool creation.

> 
> Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
>  src/PVE/AccessControl.pm | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
> index 1c79656..224aeee 100644
> --- a/src/PVE/AccessControl.pm
> +++ b/src/PVE/AccessControl.pm
> @@ -1327,6 +1327,11 @@ sub verify_poolname {
>  	return undef;
>      }
>  
> +    if ($poolname eq '0') {
> +	die "invalid pool name '$poolname'\n" if !$noerr;
> +	return undef;
> +    }
> +
>      # also adapt check_path above if changed!
>      if ($poolname !~ m!^[A-Za-z0-9\.\-_]+(?:/[A-Za-z0-9\.\-_]+){0,2}$!) {
>  	die "pool name '$poolname' contains invalid characters\n" if !$noerr;



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name
  2025-05-22  5:51 ` Thomas Lamprecht
@ 2025-05-22  6:19   ` Thomas Lamprecht
  0 siblings, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2025-05-22  6:19 UTC (permalink / raw)
  To: Proxmox VE development discussion, Fiona Ebner

Am 22.05.25 um 07:51 schrieb Thomas Lamprecht:
>> It's likely that it would cause other issues as well if properly
>> handled there, so prohibit it in the schema.
> Would be all bugs then though, and odd if I can use "1" or "2" but not "0".
> 
> IMO we better fix this for real or disallow all digits for the first character
> on pool creation.

(... for the next major release / chance to break this, obviously)


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pve-devel] superseded: [PATCH access-control] schema: disallow '0' as a pool name
  2025-05-21 12:15 [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name Fiona Ebner
  2025-05-22  5:51 ` Thomas Lamprecht
@ 2025-05-26 14:23 ` Fiona Ebner
  1 sibling, 0 replies; 4+ messages in thread
From: Fiona Ebner @ 2025-05-26 14:23 UTC (permalink / raw)
  To: pve-devel

superseded by:
https://lore.proxmox.com/pve-devel/20250526141941.1654201-1-f.ebner@proxmox.com/T/


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2025-05-26 14:24 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-05-21 12:15 [pve-devel] [PATCH access-control] schema: disallow '0' as a pool name Fiona Ebner
2025-05-22  5:51 ` Thomas Lamprecht
2025-05-22  6:19   ` Thomas Lamprecht
2025-05-26 14:23 ` [pve-devel] superseded: " Fiona Ebner

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal