87 lines
3.6 KiB
Diff
87 lines
3.6 KiB
Diff
From 2ccac1e42f34404e3a5af22671a31fa1dca94e94 Mon Sep 17 00:00:00 2001
|
|
From: Peter Krempa <pkrempa@redhat.com>
|
|
Date: Tue, 30 Jan 2024 17:11:37 +0100
|
|
Subject: [PATCH] virNodeDeviceCapVPDFormat: Properly escape system-originated
|
|
strings
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Similarly to previous commit other specific fields which come from the
|
|
system data and aren't sanitized enough to be safe for XML were also
|
|
formatted via virBufferAsprintf.
|
|
|
|
Other static and safe strings used virBufferEscapeString instead of
|
|
virBufferAddLit.
|
|
|
|
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
|
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
---
|
|
src/conf/node_device_conf.c | 32 +++++++++++++-------------------
|
|
1 file changed, 13 insertions(+), 19 deletions(-)
|
|
|
|
diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c
|
|
index 87c046e571d..95de77abe9d 100644
|
|
--- a/src/conf/node_device_conf.c
|
|
+++ b/src/conf/node_device_conf.c
|
|
@@ -270,14 +270,6 @@ virNodeDeviceCapVPDFormatCustomSystemField(virPCIVPDResourceCustom *field, virBu
|
|
virNodeDeviceCapVPDFormatCustomField(buf, "system_field", field);
|
|
}
|
|
|
|
-static inline void
|
|
-virNodeDeviceCapVPDFormatRegularField(virBuffer *buf, const char *keyword, const char *value)
|
|
-{
|
|
- if (keyword == NULL || value == NULL)
|
|
- return;
|
|
-
|
|
- virBufferAsprintf(buf, "<%s>%s</%s>\n", keyword, value, keyword);
|
|
-}
|
|
|
|
static void
|
|
virNodeDeviceCapVPDFormat(virBuffer *buf, virPCIVPDResource *res)
|
|
@@ -290,31 +282,33 @@ virNodeDeviceCapVPDFormat(virBuffer *buf, virPCIVPDResource *res)
|
|
virBufferEscapeString(buf, "<name>%s</name>\n", res->name);
|
|
|
|
if (res->ro != NULL) {
|
|
- virBufferEscapeString(buf, "<fields access='%s'>\n", "readonly");
|
|
-
|
|
+ virBufferAddLit(buf, "<fields access='readonly'>\n");
|
|
virBufferAdjustIndent(buf, 2);
|
|
- virNodeDeviceCapVPDFormatRegularField(buf, "change_level", res->ro->change_level);
|
|
- virNodeDeviceCapVPDFormatRegularField(buf, "manufacture_id", res->ro->manufacture_id);
|
|
- virNodeDeviceCapVPDFormatRegularField(buf, "part_number", res->ro->part_number);
|
|
- virNodeDeviceCapVPDFormatRegularField(buf, "serial_number", res->ro->serial_number);
|
|
+
|
|
+ virBufferEscapeString(buf, "<change_level>%s</change_level>\n", res->ro->change_level);
|
|
+ virBufferEscapeString(buf, "<manufacture_id>%s</manufacture_id>\n", res->ro->manufacture_id);
|
|
+ virBufferEscapeString(buf, "<part_number>%s</part_number>\n", res->ro->part_number);
|
|
+ virBufferEscapeString(buf, "<serial_number>%s</serial_number>\n", res->ro->serial_number);
|
|
+
|
|
g_ptr_array_foreach(res->ro->vendor_specific,
|
|
(GFunc)virNodeDeviceCapVPDFormatCustomVendorField, buf);
|
|
- virBufferAdjustIndent(buf, -2);
|
|
|
|
+ virBufferAdjustIndent(buf, -2);
|
|
virBufferAddLit(buf, "</fields>\n");
|
|
}
|
|
|
|
if (res->rw != NULL) {
|
|
- virBufferEscapeString(buf, "<fields access='%s'>\n", "readwrite");
|
|
-
|
|
+ virBufferAddLit(buf, "<fields access='readwrite'>\n");
|
|
virBufferAdjustIndent(buf, 2);
|
|
- virNodeDeviceCapVPDFormatRegularField(buf, "asset_tag", res->rw->asset_tag);
|
|
+
|
|
+ virBufferEscapeString(buf, "<asset_tag>%s</asset_tag>\n", res->rw->asset_tag);
|
|
+
|
|
g_ptr_array_foreach(res->rw->vendor_specific,
|
|
(GFunc)virNodeDeviceCapVPDFormatCustomVendorField, buf);
|
|
g_ptr_array_foreach(res->rw->system_specific,
|
|
(GFunc)virNodeDeviceCapVPDFormatCustomSystemField, buf);
|
|
- virBufferAdjustIndent(buf, -2);
|
|
|
|
+ virBufferAdjustIndent(buf, -2);
|
|
virBufferAddLit(buf, "</fields>\n");
|
|
}
|
|
|