Skip to content

Commit

Permalink
Report an error message when the property value is invalid
Browse files Browse the repository at this point in the history
Add error message to QubesValueErrors raised by
qubes.property.sanitize(). Without this qvm-prefs is not very helpful:

    $ qvm-prefs sys-firewall netvm ä
    qvm-prefs: error:
    $ qvm-prefs sys-firewall vcpus x
    qvm-prefs: error:
    $
  • Loading branch information
HW42 committed Dec 11, 2023
1 parent 2c18f2c commit c344689
Showing 1 changed file with 9 additions and 11 deletions.
20 changes: 9 additions & 11 deletions qubes/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -358,27 +358,25 @@ def sanitize(self, *, untrusted_newvalue):
:return: sanitized value
:raises: qubes.exc.QubesValueError
'''
try:
untrusted_newvalue = untrusted_newvalue.decode('ascii',
errors='strict')
except UnicodeDecodeError:
raise qubes.exc.QubesValueError(
'Non-ASCII bytes in property value')
# do not treat type='str' as sufficient validation
if self.type is not None and self.type is not str:
# assume specific type will preform enough validation
try:
untrusted_newvalue = untrusted_newvalue.decode('ascii',
errors='strict')
except UnicodeDecodeError:
raise qubes.exc.QubesValueError
if self.type is bool:
return self.bool(None, None, untrusted_newvalue)
try:
return self.type(untrusted_newvalue)
except ValueError:
raise qubes.exc.QubesValueError
raise qubes.exc.QubesValueError(
'Failed to parse property value as {}'.format(
self.type.__name__))
else:
# 'str' or not specified type
try:
untrusted_newvalue = untrusted_newvalue.decode('ascii',
errors='strict')
except UnicodeDecodeError:
raise qubes.exc.QubesValueError
allowed_set = string.printable
if not all(x in allowed_set for x in untrusted_newvalue):
raise qubes.exc.QubesValueError(
Expand Down

0 comments on commit c344689

Please sign in to comment.