On 11/11/25 10:26, Martin Kletzander wrote:
From: Martin Kletzander <mkletzan@redhat.com>
Utilise the new virDomainDefIDsParseString() for that.
This is one of the more complex ones since there is also a function that reads relevant metadata from a save image XML. In order _not_ to extract the parsing out of the function (and make the function basically trivial and all callers more complex) add a callback to the function which will be used to check the ACLs.
Fixes: CVE-2025-12748 Reported-by: Святослав Терешин <s.tereshin@fobos-nt.ru> Signed-off-by: Martin Kletzander <mkletzan@redhat.com> --- src/qemu/qemu_driver.c | 90 ++++++++++++++++++++------------------- src/qemu/qemu_migration.c | 23 +++++++++- src/qemu/qemu_migration.h | 4 +- src/qemu/qemu_saveimage.c | 25 +++++++++-- src/qemu/qemu_saveimage.h | 4 +- src/qemu/qemu_snapshot.c | 4 +- 6 files changed, 97 insertions(+), 53 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal