From: Michal Privoznik <mprivozn@redhat.com> According to [1] there are only few characters allowed in the path to the daemon socket (alphanum and some punctuation; notably, space is missing on the list). The rest must be escaped by '%NN' notation. Fortunately, g_uri_escape_string() with some carefully selected input values is able to escape the path. Almost - it considers tilde valid but DBus doesn't. Well, let's hope nobody has tilde in domain name. 1: https://gitlab.freedesktop.org/dbus/dbus/-/blob/2dee5236088bcf690ba92b743a58... Closes: https://gitlab.com/libvirt/libvirt/-/issues/834 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_dbus.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_dbus.c b/src/qemu/qemu_dbus.c index 625884ad46..db0757b71d 100644 --- a/src/qemu/qemu_dbus.c +++ b/src/qemu/qemu_dbus.c @@ -119,6 +119,12 @@ static int qemuDBusWriteConfig(const char *filename, const char *path, bool privileged) { g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; + /* Escape @path pointing to socket where the dbus-daemon is going to listen + * to. Valid characters are alphanumeric, '-', '_', '/', '\\', '*' and '.'. + * The rest must be URI escaped. g_uri_escape_string() treads alphanumeric, + * '-', '.', '_' and '~' as valid. + */ + g_autofree char *escapedPath = g_uri_escape_string(path, "/\\*", false); g_autofree char *config = NULL; virBufferAddLit(&buf, "<!DOCTYPE busconfig PUBLIC \"-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN\"\n"); @@ -127,7 +133,7 @@ qemuDBusWriteConfig(const char *filename, const char *path, bool privileged) virBufferAdjustIndent(&buf, 2); virBufferAddLit(&buf, "<type>org.libvirt.qemu</type>\n"); - virBufferAsprintf(&buf, "<listen>unix:path=%s</listen>\n", path); + virBufferAsprintf(&buf, "<listen>unix:path=%s</listen>\n", escapedPath); virBufferAddLit(&buf, "<auth>EXTERNAL</auth>\n"); virBufferAddLit(&buf, "<policy context='default'>\n"); -- 2.51.2