
On 04/21/2010 10:01 AM, Chris Lalancette wrote:
+static void qemuDomainDefNamespaceFree(void *nsdata) +{ + qemuDomainCmdlineDefPtr cmd = nsdata; + int i;
s/int/unsigned int/
+static int qemuDomainDefNamespaceParse(xmlDocPtr xml, + xmlNodePtr root, + xmlXPathContextPtr ctxt, + void **data) +{ + qemuDomainCmdlineDefPtr cmd = NULL; + xmlNsPtr ns; + xmlNodePtr *nodes = NULL; + int n, i;
n must be signed, but can i be unsigned?
+ +static int qemuDomainDefNamespaceFormatXML(virBufferPtr buf, + void *nsdata) +{ + qemuDomainCmdlineDefPtr cmd = nsdata; + int i;
unsigned
+ + if (cmd->num_extra || cmd->num_env) + virBufferAddLit(buf, " <qemu:commandline>\n"); + for (i = 0; i < cmd->num_extra; i++) + virBufferVSprintf(buf, " <qemu:arg>%s</qemu:arg>\n", cmd->extra[i]);
Is there any chance that cmd->extra[i] might contain content that needs escaping before it is valid as XML?
+ for (i = 0; i < cmd->num_env; i++) { + virBufferVSprintf(buf, " <qemu:env name='%s'", cmd->env_name[i]); + if (cmd->env_value[i]) + virBufferVSprintf(buf, " value='%s'", cmd->env_value[i]);
Likewise for env_value[i]? (I'm assuming that env_name[i] is immune, since it was parsed using virXPathString("string(./@name)",), which should have rejected strings not valid as environment variable names.) The approach looks correct, but I hesitate to give an ack without knowing for sure that the formatted XML is safe from arbitrary content in the extra arguments. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org