Re: [libvirt] [PATCH] cpu_conf: properly escape characters for model and vendor
On Wed, May 06, 2015 at 02:28:04PM -0400, John Ferlan wrote:
On 05/05/2015 11:04 AM, Pavel Hrdina wrote:
> We should escape strings for those two elements to be consistent along
> the whole XML.
>
> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1197580
>
The bz mentions two other paths which I don't see in the patch below...
1. /domain/devices/hostdev/rom/file - not escaped in
virDomainDeviceInfoFormat
2. /domain/devices/source/seclabel/model - not escaped in
virSecurityDeviceLabelDefFormat. Although there is an escape in
virSecurityLabelDefFormat, but that's a different path...
> Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
> ---
> src/conf/cpu_conf.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
ACK to what's here, but I would think we should address the other two as
well...
Thanks for review. I'll also update those two places and I'll try to find any
other virBufferAsprintf that should be replaced by virBufferEscapeString.
Pavel
John
> diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
> index e959ecc..34725c0 100644
> --- a/src/conf/cpu_conf.c
> +++ b/src/conf/cpu_conf.c
> @@ -547,14 +547,14 @@ virCPUDefFormatBuf(virBufferPtr buf,
> virBufferAsprintf(buf, " vendor_id='%s'",
def->vendor_id);
> }
> if (formatModel && def->model) {
> - virBufferAsprintf(buf, ">%s</model>\n",
def->model);
> + virBufferEscapeString(buf, ">%s</model>\n",
def->model);
> } else {
> virBufferAddLit(buf, "/>\n");
> }
> }
>
> if (formatModel && def->vendor)
> - virBufferAsprintf(buf, "<vendor>%s</vendor>\n",
def->vendor);
> + virBufferEscapeString(buf, "<vendor>%s</vendor>\n",
def->vendor);
>
> if (def->sockets && def->cores && def->threads) {
> virBufferAddLit(buf, "<topology");
>