Passwords are allowed to contain the <, >, &, ' and " characters.
Those need to be replaced by the corresponding XML entities.
Reported by Hereward Cooper.
---
src/esx/esx_driver.c | 28 ++++++++++++++++++++++------
src/esx/esx_util.c | 19 +++++++++++++++++++
src/esx/esx_util.h | 2 ++
3 files changed, 43 insertions(+), 6 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index 116ad0f..13374b7 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -626,6 +626,7 @@ esxConnectToHost(esxPrivate *priv, virConnectAuthPtr auth,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
+ char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
esxVI_String *propertyNameList = NULL;
@@ -657,13 +658,19 @@ esxConnectToHost(esxPrivate *priv, virConnectAuthPtr auth,
}
}
- password = virRequestPassword(auth, username, hostname);
+ unescapedPassword = virRequestPassword(auth, username, hostname);
- if (password == NULL) {
+ if (unescapedPassword == NULL) {
ESX_ERROR(VIR_ERR_AUTH_FAILED, "%s", _("Password request
failed"));
goto cleanup;
}
+ password = esxUtil_EscapeForXml(unescapedPassword);
+
+ if (password == NULL) {
+ goto cleanup;
+ }
+
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->transport, hostname,
port) < 0) {
virReportOOMError();
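Review bot: Only the password is escaped here; `username` is passed to `virRequestPassword()` as-is and is presumably placed in the same XML login request later (that code is outside this hunk), so a user name containing `<`, `>`, `&`, `'` or `"` would still yield a malformed or altered request. If so, it needs the same treatment, e.g. `escapedUsername = esxUtil_EscapeForXml(username);` followed by a NULL check, with the escaped copy passed on. The matching hunk in esxConnectToVCenter (@@ -779) has the same gap. Escaping where the request XML is actually built would also cover any caller that does not go through these two functions.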
@@ -727,8 +734,9 @@ esxConnectToHost(esxPrivate *priv, virConnectAuthPtr auth,
result = 0;
cleanup:
- VIR_FREE(password);
VIR_FREE(username);
+ VIR_FREE(unescapedPassword);
+ VIR_FREE(password);
VIR_FREE(url);
esxVI_String_Free(&propertyNameList);
esxVI_ObjectContent_Free(&hostSystem);
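Review bot: The cleanup path now releases two heap copies of the plaintext password (`unescapedPassword` and `password`) with `VIR_FREE`, and as far as these lines show neither is cleared first, so the secret remains in freed heap memory where a core dump or an over-read elsewhere in the process can expose it. Consider wiping each buffer before it is freed, e.g. `if (password) memset(password, 0, strlen(password));`, done through a helper the compiler cannot optimise away. The cleanup hunk of esxConnectToVCenter (@@ -822) is identical, and the virBuffer filled inside esxUtil_EscapeForXml holds the same data on its error path.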
@@ -748,6 +756,7 @@ esxConnectToVCenter(esxPrivate *priv, virConnectAuthPtr auth,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
+ char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
@@ -779,13 +788,19 @@ esxConnectToVCenter(esxPrivate *priv, virConnectAuthPtr auth,
}
}
- password = virRequestPassword(auth, username, hostname);
+ unescapedPassword = virRequestPassword(auth, username, hostname);
- if (password == NULL) {
+ if (unescapedPassword == NULL) {
ESX_ERROR(VIR_ERR_AUTH_FAILED, "%s", _("Password request
failed"));
goto cleanup;
}
+ password = esxUtil_EscapeForXml(unescapedPassword);
+
+ if (password == NULL) {
+ goto cleanup;
+ }
+
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->transport, hostname,
port) < 0) {
virReportOOMError();
@@ -822,8 +837,9 @@ esxConnectToVCenter(esxPrivate *priv, virConnectAuthPtr auth,
result = 0;
cleanup:
- VIR_FREE(password);
VIR_FREE(username);
+ VIR_FREE(unescapedPassword);
+ VIR_FREE(password);
VIR_FREE(url);
return result;
diff --git a/src/esx/esx_util.c b/src/esx/esx_util.c
index 2603957..9ef947c 100644
--- a/src/esx/esx_util.c
+++ b/src/esx/esx_util.c
@@ -552,3 +552,22 @@ esxUtil_EscapeDatastoreItem(const char *string)
return escaped2;
}
+
+
+
+char *
+esxUtil_EscapeForXml(const char *string)
+{
+ virBuffer buffer = VIR_BUFFER_INITIALIZER;
+
+ virBufferEscapeString(&buffer, "%s", string);
+
+ if (virBufferError(&buffer)) {
+ virReportOOMError();
+ virBufferFreeAndReset(&buffer);
+
+ return NULL;
+ }
+
+ return virBufferContentAndReset(&buffer);
+}
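Review bot: esxUtil_EscapeForXml has no comment stating its contract, yet both new callers depend on it: they `goto cleanup` on a NULL return without reporting an error themselves, and they free the result. A header comment such as `/* Returns a newly allocated copy of string with <, >, &, ' and " replaced by XML entities; the caller frees it with VIR_FREE. Returns NULL after reporting an error on OOM. */` would pin that down. It should also state what a NULL `string` yields, since virBufferEscapeString appears to append nothing in that case and the resulting NULL return would carry no reported error.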
diff --git a/src/esx/esx_util.h b/src/esx/esx_util.h
index d00e28a..39fdb6d 100644
--- a/src/esx/esx_util.h
+++ b/src/esx/esx_util.h
@@ -62,4 +62,6 @@ void esxUtil_ReplaceSpecialWindowsPathChars(char *string);
char *esxUtil_EscapeDatastoreItem(const char *string);
+char *esxUtil_EscapeForXml(const char *string);
+
#endif /* __ESX_UTIL_H__ */
--
1.7.0.4