Vinzenz Feenstra has uploaded a new change for review. Change subject: agent: Perform string sanitization on messages ......................................................................
agent: Perform string sanitization on messages Messages sent via VirtIO are now checked for being presentable and additionally filtered for invalid characters due to invalid encodings. Change-Id: I499a22e1572b55d1a3a4de7ce6f89ebb130861a8 Bug-Url: https://bugzilla.redhat.com/947014 Signed-off-by: Vinzenz Feenstra <vfeen...@redhat.com> --- M ovirt-guest-agent/VirtIoChannel.py 1 file changed, 59 insertions(+), 1 deletion(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-guest-agent refs/changes/08/13608/1 diff --git a/ovirt-guest-agent/VirtIoChannel.py b/ovirt-guest-agent/VirtIoChannel.py index e4ca77f..97dab89 100644 --- a/ovirt-guest-agent/VirtIoChannel.py +++ b/ovirt-guest-agent/VirtIoChannel.py @@ -1,5 +1,5 @@ # -# Copyright 2010 Red Hat, Inc. and/or its affiliates. +# Copyright 2010-2013 Red Hat, Inc. and/or its affiliates. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,7 @@ import os import platform import time +import sys # avoid pep8 warnings @@ -30,6 +31,62 @@ import simplejson return simplejson json = import_json() + + +__RESTRICTED_CHARS = set(range(8 + 1)).union( + set(range(0xB, 0xC + 1))).union( + set(range(0xE, 0x1F + 1))).union( + set(range(0x7F, 0x84 + 1))).union( + set(range(0x86, 0x9F + 1))) + + +def _string_check(str): + """ + This function tries to convert the given string to a valid representable + form. Normal and valid unicode strings should not fail this test. Invalid + encodings will fail this and might get characters replaced. + """ + try: + str.encode(sys.stdout.encoding, 'strict') + except UnicodeEncodeError: + try: + return str.encode('ascii', 'replace') + except UnicodeEncodeError: + # unrepresentable string + return unicode() + return str + + +def _filter_xml_chars(u): + """ + Filter out restarted xml chars from unicode string. Not using + Python's xmlcharrefreplace because it accepts '\x01', which + the spec frown upon. + + Set taken from http://www.w3.org/TR/xml11/#NT-RestrictedChar + """ + def mask_restricted(c): + if ord(c) in __RESTRICTED_CHARS: + return '?' + else: + return c + return ''.join(mask_restricted(c) for c in u) + + +def _filter_object(o): + """ + Apply _filter_xml_chars and _string_check on all strings in the given + object + """ + def filt(o): + if isinstance(o, dict): + return dict([(filt(k), filt(v)) for k, v in o.iteritems()]) + if isinstance(o, list): + return map(filt, o) + if isinstance(o, basestring): + return _filter_xml_chars(_string_check(o)) + return o + return filt(o) class VirtIoChannel: @@ -91,6 +148,7 @@ if not isinstance(args, dict): raise TypeError("2nd arg must be a dict.") args['__name__'] = name + args = _filter_object(args) message = (json.dumps(args) + '\n').encode('utf8') while len(message) > 0: if self.is_windows: -- To view, visit http://gerrit.ovirt.org/13608 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I499a22e1572b55d1a3a4de7ce6f89ebb130861a8 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-guest-agent Gerrit-Branch: master Gerrit-Owner: Vinzenz Feenstra <vfeen...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
