From fd9408bc97d07f672f901a4ca5a1b4ce34dea725 Mon Sep 17 00:00:00 2001
From: mmirecki <mmirecki@redhat.com>
Date: Wed, 14 Dec 2022 17:29:43 +0100
Subject: [PATCH] Fix tuning path validation

Signed-off-by: mmirecki <mmirecki@redhat.com>
---
 plugins/meta/tuning/tuning.go      |  4 +--
 plugins/meta/tuning/tuning_test.go | 46 ++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+), 2 deletions(-)

diff --git a/plugins/meta/tuning/tuning.go b/plugins/meta/tuning/tuning.go
index 694e75cf..749c87bd 100644
--- a/plugins/meta/tuning/tuning.go
+++ b/plugins/meta/tuning/tuning.go
@@ -578,8 +578,8 @@ func validateSysctlConflictingKeys(data []byte) error {
 }
 
 func validateArgs(args *skel.CmdArgs) error {
-	if strings.Contains(args.Args, string(os.PathSeparator)) {
-		return errors.New(fmt.Sprintf("Interface name contains an invalid character %s", string(os.PathSeparator)))
+	if strings.Contains(args.IfName, string(os.PathSeparator)) {
+		return errors.New(fmt.Sprintf("Interface name (%s) contains an invalid character %s", args.IfName, string(os.PathSeparator)))
 	}
 	return nil
 }
diff --git a/plugins/meta/tuning/tuning_test.go b/plugins/meta/tuning/tuning_test.go
index e8f06425..e17fb4e6 100644
--- a/plugins/meta/tuning/tuning_test.go
+++ b/plugins/meta/tuning/tuning_test.go
@@ -1171,5 +1171,51 @@ var _ = Describe("tuning plugin", func() {
 			Expect(err).NotTo(HaveOccurred())
 		})
 
+		It(fmt.Sprintf("[%s] does not allow ifname with path separator", ver), func() {
+			conf := []byte(fmt.Sprintf(`{
+				"name": "test",
+				"type": "tuning",
+				"cniVersion": "%s",
+				"sysctl": {
+					"net.ipv4.conf.all.log_martians": "1"
+				},
+				"prevResult": {
+					"interfaces": [
+						{"name": "eth/0", "sandbox":"netns"}
+					],
+					"ips": [
+						{
+							"version": "4",
+							"address": "10.0.0.2/24",
+							"gateway": "10.0.0.1",
+							"interface": 0
+						}
+					]
+				}
+			}`, ver))
+
+			args := &skel.CmdArgs{
+				ContainerID: "dummy",
+				Netns:       targetNS.Path(),
+				IfName:      "eth/0",
+				StdinData:   conf,
+			}
+
+			beforeConf = configToRestore{}
+
+			err := originalNS.Do(func(ns.NetNS) error {
+				defer GinkgoRecover()
+
+				_, _, err := testutils.CmdAddWithArgs(args, func() error {
+					return cmdAdd(args)
+				})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("invalid character"))
+
+				return nil
+			})
+			Expect(err).NotTo(HaveOccurred())
+		})
+
 	}
 })