Re: [libvirt] [PATCH 04/10] Qemu arbitrary command-line arguments.
On Wed, Apr 21, 2010 at 11:25:48AM -0600, Eric Blake wrote:
On 04/21/2010 10:01 AM, Chris Lalancette wrote:
>
> +static void qemuDomainDefNamespaceFree(void *nsdata)
> +{
> + qemuDomainCmdlineDefPtr cmd = nsdata;
> + int i;
s/int/unsigned int/
> +static int qemuDomainDefNamespaceParse(xmlDocPtr xml,
> + xmlNodePtr root,
> + xmlXPathContextPtr ctxt,
> + void **data)
> +{
> + qemuDomainCmdlineDefPtr cmd = NULL;
> + xmlNsPtr ns;
> + xmlNodePtr *nodes = NULL;
> + int n, i;
n must be signed, but can i be unsigned?
> +
> +static int qemuDomainDefNamespaceFormatXML(virBufferPtr buf,
> + void *nsdata)
> +{
> + qemuDomainCmdlineDefPtr cmd = nsdata;
> + int i;
unsigned
> +
> + if (cmd->num_extra || cmd->num_env)
> + virBufferAddLit(buf, " <qemu:commandline>\n");
> + for (i = 0; i < cmd->num_extra; i++)
> + virBufferVSprintf(buf, "
<qemu:arg>%s</qemu:arg>\n", cmd->extra[i]);
Is there any chance that cmd->extra[i] might contain content that needs
escaping before it is valid as XML?
Yes, this should use virBufferEscapeString() instead.
> + for (i = 0; i < cmd->num_env; i++) {
> + virBufferVSprintf(buf, " <qemu:env name='%s'",
cmd->env_name[i]);
> + if (cmd->env_value[i])
> + virBufferVSprintf(buf, " value='%s'",
cmd->env_value[i]);
Likewise for env_value[i]? (I'm assuming that env_name[i] is immune,
since it was parsed using virXPathString("string(./@name)",), which
should have rejected strings not valid as environment variable names.)
Yep, likewise here
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|