Re: [libvirt] [PATCH 4/8] snapshot: Add VIR_DOMAIN_SNAPSHOT_CREATE_VALIDATE flag
On Mon, Jul 08, 2019 at 22:12:38 -0500, Eric Blake wrote:
On 7/8/19 2:56 AM, Peter Krempa wrote:
> On Fri, Jul 05, 2019 at 23:37:31 -0500, Eric Blake wrote:
>> We've been doing a terrible job of performing XML validation in our
>> various API that parse XML with a corresponding schema (we started
>> with domains back in commit dd69a14f, v1.2.12, but didn't catch all
>> domain-related APIs, and didn't cover other XMLM). New APIs (like
[...]
>> @@ -366,7 +379,7 @@ cmdSnapshotCreateAs(vshControl *ctl,
const vshCmd *cmd)
>> const char *desc = NULL;
>> const char *memspec = NULL;
>> virBuffer buf = VIR_BUFFER_INITIALIZER;
>> - unsigned int flags = 0;
>> + unsigned int flags = VIR_DOMAIN_SNAPSHOT_CREATE_VALIDATE;
>
> ... just to validate something we always generated ourselves.
...but I can drop the use here, if you think we are safe.
>
> ACK if you remove the use of the flag in cmdSnapshotCreateAs. Other are
> at your discretion.
Hmm, on a second thought, the XML is created from user-provided bits
which may be validated insufficiently, so if you didn't follow through
on this one you can use my ACK even with the compat glue and explicit
validation.
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)