On Fri, Feb 12, 2021 at 05:42:19PM +0100, Michal Privoznik wrote:
The root directory can be provided by user (or a temporary one is generated) and is always formatted into connection URI for both secret driver and QEMU driver, like this:
qemu:///embed?root=$root
But if it so happens that there is an URI unfriendly character in root directory or path to it (say a space) then invalid URI is formatted which results in unexpected results. We can trust g_dir_make_tmp() to generate valid URI but we can't trust user. Escape user provided root directory. Always.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1920400 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_shim.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|