From: Peter Krempa <pkrempa@redhat.com>
Date: Thu, 16 Sep 2021 13:44:25 +0000 (+0200)
Subject: vshCmddefCheckInternals: Sanitize command alias validation
X-Git-Tag: v7.8.0-rc1~174
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f72ed0707f2c0dcc84c8230c49794241b4924a1;p=thirdparty%2Flibvirt.git

vshCmddefCheckInternals: Sanitize command alias validation

We don't need to validate the real command twice, but it's better to
check that the real command name exists and it's not an alias to prevent
loops.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---

diff --git a/tools/vsh.c b/tools/vsh.c
index eb17a58dc0..05da50eace 100644
--- a/tools/vsh.c
+++ b/tools/vsh.c
@@ -269,11 +269,27 @@ vshCmddefCheckInternals(vshControl *ctl,
 
     /* in order to perform the validation resolve the alias first */
     if (cmd->flags & VSH_CMD_FLAG_ALIAS) {
+        const vshCmdDef *alias;
+
         if (!cmd->alias) {
             vshError(ctl, _("command '%s' has inconsistent alias"), cmd->name);
             return -1;
         }
-        cmd = vshCmddefSearch(cmd->alias);
+
+        if (!(alias = vshCmddefSearch(cmd->alias))) {
+            vshError(ctl, _("command alias '%s' is pointing to a non-existant command '%s'"),
+                     cmd->name, cmd->alias);
+            return -1;
+        }
+
+        if (alias->flags & VSH_CMD_FLAG_ALIAS) {
+            vshError(ctl, _("command alias '%s' is pointing to another command alias '%s'"),
+                     cmd->name, cmd->alias);
+            return -1;
+        }
+
+        /* we don't need to continue as the real command will be checked separately */
+        return 0;
     }
 
     /* Each command has to provide a non-empty help string. */