On Mon, Jul 08, 2019 at 22:12:38 -0500, Eric Blake wrote:
On 7/8/19 2:56 AM, Peter Krempa wrote:
On Fri, Jul 05, 2019 at 23:37:31 -0500, Eric Blake wrote:
We've been doing a terrible job of performing XML validation in our various API that parse XML with a corresponding schema (we started with domains back in commit dd69a14f, v1.2.12, but didn't catch all domain-related APIs, and didn't cover other XMLM). New APIs (like
[...]
@@ -366,7 +379,7 @@ cmdSnapshotCreateAs(vshControl *ctl, const vshCmd *cmd) const char *desc = NULL; const char *memspec = NULL; virBuffer buf = VIR_BUFFER_INITIALIZER; - unsigned int flags = 0; + unsigned int flags = VIR_DOMAIN_SNAPSHOT_CREATE_VALIDATE;
... just to validate something we always generated ourselves.
...but I can drop the use here, if you think we are safe.
ACK if you remove the use of the flag in cmdSnapshotCreateAs. Other are at your discretion.
Hmm, on a second thought, the XML is created from user-provided bits which may be validated insufficiently, so if you didn't follow through on this one you can use my ACK even with the compat glue and explicit validation.