From f0fa75f793bc6dd5a862d1fbb1443a51fbb25994 Mon Sep 17 00:00:00 2001 From: Murali Reddy Date: Tue, 30 Aug 2011 16:15:58 +0530 Subject: [PATCH] bug 11179: template url and format are not validated added check to verify url ends with extension same as the template format specified --- .../src/com/cloud/template/HyervisorTemplateAdapter.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/server/src/com/cloud/template/HyervisorTemplateAdapter.java b/server/src/com/cloud/template/HyervisorTemplateAdapter.java index d6e3e9424d2..db6a672719f 100644 --- a/server/src/com/cloud/template/HyervisorTemplateAdapter.java +++ b/server/src/com/cloud/template/HyervisorTemplateAdapter.java @@ -100,6 +100,14 @@ public class HyervisorTemplateAdapter extends TemplateAdapterBase implements Tem throw new InvalidParameterValueException("Please specify a valid "+ cmd.getFormat().toLowerCase()); } + if ((cmd.getFormat().equalsIgnoreCase("vhd") && (!url.toLowerCase().endsWith("vhd") && !url.toLowerCase().endsWith("vhd.zip") && !url.toLowerCase().endsWith("vhd.bz2") && !url.toLowerCase().endsWith("vhd.gz") )) + || (cmd.getFormat().equalsIgnoreCase("qcow2") && (!url.toLowerCase().endsWith("qcow2") && !url.toLowerCase().endsWith("qcow2.zip") && !url.toLowerCase().endsWith("qcow2.bz2") && !url.toLowerCase().endsWith("qcow2.gz") )) + || (cmd.getFormat().equalsIgnoreCase("ova") && (!url.toLowerCase().endsWith("ova") && !url.toLowerCase().endsWith("ova.zip") && !url.toLowerCase().endsWith("ova.bz2") && !url.toLowerCase().endsWith("ova.gz"))) + || (cmd.getFormat().equalsIgnoreCase("img") && !url.toLowerCase().endsWith("img")) + || (cmd.getFormat().equalsIgnoreCase("raw") && !url.toLowerCase().endsWith("raw")) ) { + throw new InvalidParameterValueException("Please specify a valid URL. URL:" + url + " is a invalid for the format " + cmd.getFormat().toLowerCase()); + } + profile.setUrl(validateUrl(url)); return profile; }