[ovs-dev] [PATCH] bridge: Also prohibit \ in bridge names.

Wed Feb 3 22:45:30 UTC 2016

This is only necessary for Windows but it's no great loss elsewhere.

Also, document the restriction on bridge names.

Signed-off-by: Ben Pfaff <blp at ovn.org>
---
 vswitchd/bridge.c    |  9 ++++++---
 vswitchd/vswitch.xml | 12 +++++++++---
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index 4b9703f..2ff2322 100644
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -1696,9 +1696,12 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg)
         static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
         const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
 
-        if (strchr(br_cfg->name, '/')) {
+        if (strchr(br_cfg->name, '/') || strchr(br_cfg->name, '\\')) {
             /* Prevent remote ovsdb-server users from accessing arbitrary
-             * directories, e.g. consider a bridge named "../../../etc/". */
+             * directories, e.g. consider a bridge named "../../../etc/".
+             *
+             * Prohibiting "\" is only necessary on Windows but it's no great
+             * loss elsewhere. */
             VLOG_WARN_RL(&rl, "ignoring bridge with invalid name \"%s\"",
                          br_cfg->name);
         } else if (!shash_add_once(&new_br, br_cfg->name, br_cfg)) {
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index ce0dbc1..e7c7e3c 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -503,9 +503,15 @@
 
     <group title="Core Features">
       <column name="name">
-        Bridge identifier.  Should be alphanumeric and no more than about 8
-        bytes long.  Must be unique among the names of ports, interfaces, and
-        bridges on a host.
+        <p>
+          Bridge identifier.  Should be alphanumeric and no more than about 8
+          bytes long.  Must be unique among the names of ports, interfaces, and
+          bridges on a host.
+        </p>
+
+        <p>
+          Forward and backward slashes are prohibited in bridge names.
+        </p>
       </column>
 
       <column name="ports">
-- 
2.1.3


