Merge pull request #2392 from GNS3/bugfix/2385

Forbid unsafe Qemu additional options
This commit is contained in:
Jeremy Grossmann 2024-07-06 17:18:59 +02:00 committed by GitHub
commit 90dce03da2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 27 additions and 1 deletions

View File

@ -93,6 +93,8 @@ require_kvm = True
enable_hardware_acceleration = True
; Require hardware acceleration in order to start VMs (all platforms)
require_hardware_acceleration = False
; Allow unsafe additional command line options
allow_unsafe_options = False
[VMware]
; First vmnet interface of the range that can be managed by the GNS3 server

View File

@ -53,6 +53,12 @@ from ...utils import macaddress_to_int, int_to_macaddress, is_ipv6_enabled
import logging
log = logging.getLogger(__name__)
# forbidden additional options
FORBIDDEN_OPTIONS = {"-blockdev", "-drive", "-hda", "-hdb", "-hdc", "-hdd",
"-fsdev", "-virtfs"}
FORBIDDEN_OPTIONS |= {"-" + opt for opt in FORBIDDEN_OPTIONS
if opt.startswith("-") and not opt.startswith("--")}
class QemuVM(BaseNode):
module_name = 'qemu'
@ -2424,9 +2430,19 @@ class QemuVM(BaseNode):
command.extend(self._tpm_options())
if additional_options:
try:
command.extend(shlex.split(additional_options))
additional_opt_list = shlex.split(additional_options)
except ValueError as e:
raise QemuError("Invalid additional options: {} error {}".format(additional_options, e))
allow_unsafe_options = self.manager.config.get_section_config("Qemu").getboolean(
"allow_unsafe_options",
False
)
if allow_unsafe_options is False:
for opt in additional_opt_list:
if opt in FORBIDDEN_OPTIONS:
raise QemuError("Forbidden additional option: {}".format(opt))
command.extend(additional_opt_list)
# avoiding mouse offset (see https://github.com/GNS3/gns3-server/issues/2335)
if self._console_type == "vnc":
command.extend(['-machine', 'usb=on', '-device', 'usb-tablet'])

View File

@ -774,6 +774,14 @@ async def test_build_command_with_invalid_options(vm):
await vm._build_command()
@pytest.mark.skipif(sys.platform.startswith("win"), reason="Not supported on Windows")
async def test_build_command_with_forbidden_options(vm):
vm.options = "-blockdev"
with pytest.raises(QemuError):
await vm._build_command()
def test_hda_disk_image(vm, images_dir):
open(os.path.join(images_dir, "test1"), "w+").close()