[PATCH 10/12] virSecurityDeviceLabelDefParseXML: Don't use 'virXPathStringLimit'

Monday, 22 November 2021

virXPathStringLimit doesn't give callers a way to differentiate between
the queried XPath being empty and the length limit being exceeded.

This means that the callers is completely ignoring the error.

Move the length check into the caller.

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt;
---
 src/conf/domain_conf.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e829511ac5..d6eefed398 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8066,9 +8066,10 @@ virSecurityDeviceLabelDefParseXML(virSecurityDeviceLabelDef
***seclabels_rtn,
             ignore_value(virStringParseYesNo(labelskip,
&seclabels[i]->labelskip));

         ctxt->node = list[i];
-        label = virXPathStringLimit("string(./label)",
-                                    VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
-        seclabels[i]->label = g_steal_pointer(&label);
+        label = virXPathString("string(./label)", ctxt);
+
+        if (label && strlen(label) < VIR_SECURITY_LABEL_BUFLEN)
+            seclabels[i]->label = g_steal_pointer(&label);

         if (seclabels[i]->label && !seclabels[i]->relabel) {
             virReportError(VIR_ERR_XML_ERROR,
-- 
2.31.1


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[PATCH 10/12] virSecurityDeviceLabelDefParseXML: Don't use 'virXPathStringLimit'