Skip to content

Commit

Permalink
lxc: Validate location header and listen address.
Browse files Browse the repository at this point in the history 
Signed-off-by: Mark Laing <[email protected]>
  • Loading branch information
@markylaing
markylaing committed Jun 4, 2024
1 parent f85f6e3 commit fced8de
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 6 deletions.
15 changes: 12 additions & 3 deletions lxc/network_forward.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
cli "github.com/canonical/lxd/shared/cmd"
"github.com/canonical/lxd/shared/i18n"
"github.com/canonical/lxd/shared/termios"
"github.com/canonical/lxd/shared/version"
)

type cmdNetworkForward struct {
Expand Down Expand Up @@ -339,11 +340,19 @@ func (c *cmdNetworkForwardCreate) run(cmd *cobra.Command, args []string) error {
return err
}

parts := strings.Split(transporter.location, "/")
listenAddress = parts[len(parts)-1]
forwardURLPrefix := api.NewURL().Path(version.APIVersion, "networks", networkName, "forwards").String()
_, err = fmt.Sscanf(transporter.location, forwardURLPrefix+"/%s", &listenAddress)
if err != nil {
return fmt.Errorf("Received unexpected location header %q: %w", transporter.location, err)
}

addr := net.ParseIP(listenAddress)
if addr == nil {
return fmt.Errorf("Received invalid IP %q", listenAddress)
}

if !c.global.flagQuiet {
fmt.Printf(i18n.G("Network forward %s created")+"\n", listenAddress)
fmt.Printf(i18n.G("Network forward %s created")+"\n", addr.String())
}

return nil
Expand Down
15 changes: 12 additions & 3 deletions lxc/network_load_balancer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
cli "github.com/canonical/lxd/shared/cmd"
"github.com/canonical/lxd/shared/i18n"
"github.com/canonical/lxd/shared/termios"
"github.com/canonical/lxd/shared/version"
)

type cmdNetworkLoadBalancer struct {
Expand Down Expand Up @@ -343,11 +344,19 @@ func (c *cmdNetworkLoadBalancerCreate) run(cmd *cobra.Command, args []string) er
return err
}

parts := strings.Split(transporter.location, "/")
listenAddress = parts[len(parts)-1]
loadBalancerURLPrefix := api.NewURL().Path(version.APIVersion, "networks", networkName, "load-balancers").String()
_, err = fmt.Sscanf(transporter.location, loadBalancerURLPrefix+"/%s", &listenAddress)
if err != nil {
return fmt.Errorf("Received unexpected location header %q: %w", transporter.location, err)
}

addr := net.ParseIP(listenAddress)
if addr == nil {
return fmt.Errorf("Received invalid IP %q", listenAddress)
}

if !c.global.flagQuiet {
fmt.Printf(i18n.G("Network load balancer %s created")+"\n", listenAddress)
fmt.Printf(i18n.G("Network load balancer %s created")+"\n", addr.String())
}

return nil
Expand Down

0 comments on commit fced8de

Please sign in to comment.