From nobody Thu Dec 18 03:53:12 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1520346486574505.1942738932662; Tue, 6 Mar 2018 06:28:06 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A89D687623; Tue, 6 Mar 2018 14:28:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6DCEC5C8AA; Tue, 6 Mar 2018 14:28:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2E99D181A878; Tue, 6 Mar 2018 14:28:04 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w26ERxpe023054 for ; Tue, 6 Mar 2018 09:27:59 -0500 Received: by smtp.corp.redhat.com (Postfix) id 7AB85200AE93; Tue, 6 Mar 2018 14:27:59 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 05C082024CAD; Tue, 6 Mar 2018 14:27:58 +0000 (UTC) 
From: Peter Krempa To: libvir-list@redhat.com Date: Tue, 6 Mar 2018 15:27:11 +0100 Message-Id: <3678f3c8a62d0821255e39d2d066a6668b340c7d.1520346349.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 2/6] util: storage: Sanitize parsing of disk auth XMLs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 06 Mar 2018 14:28:05 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Pass in the XPath context as we do in all other places rather than allocating a new one. Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 21 ++++++++++++--------- src/conf/storage_conf.c | 2 +- src/util/virstoragefile.c | 32 ++++++++------------------------ src/util/virstoragefile.h | 3 ++- 4 files changed, 23 insertions(+), 35 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a248d73de3..a8be0db7e4 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -7218,7 +7218,8 @@ virDomainHostdevSubsysSCSIHostDefParseXML(xmlNodePtr = sourcenode, static int virDomainHostdevSubsysSCSIiSCSIDefParseXML(xmlNodePtr sourcenode, - virDomainHostdevSubsysSCSIPtr d= ef) + virDomainHostdevSubsysSCSIPtr d= ef, + xmlXPathContextPtr ctxt) { int ret =3D -1; int auth_secret_usage =3D -1; 
@@ -7259,7 +7260,7 @@ virDomainHostdevSubsysSCSIiSCSIDefParseXML(xmlNodePtr= sourcenode, while (cur !=3D NULL) { if (cur->type =3D=3D XML_ELEMENT_NODE && virXMLNodeNameEqual(cur, "auth")) { - if (!(authdef =3D virStorageAuthDefParse(sourcenode->doc, cur)= )) + if (!(authdef =3D virStorageAuthDefParse(cur, ctxt))) goto cleanup; if ((auth_secret_usage =3D virSecretUsageTypeFromString(authdef->secrettype)) < 0) { @@ -7288,7 +7289,8 @@ virDomainHostdevSubsysSCSIiSCSIDefParseXML(xmlNodePtr= sourcenode, static int virDomainHostdevSubsysSCSIDefParseXML(xmlNodePtr sourcenode, - virDomainHostdevSubsysSCSIPtr scsisr= c) + virDomainHostdevSubsysSCSIPtr scsisr= c, + xmlXPathContextPtr ctxt) { char *protocol =3D NULL; int ret =3D -1; @@ -7305,7 +7307,7 @@ virDomainHostdevSubsysSCSIDefParseXML(xmlNodePtr sour= cenode, } if (scsisrc->protocol =3D=3D VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISC= SI) - ret =3D virDomainHostdevSubsysSCSIiSCSIDefParseXML(sourcenode, scs= isrc); + ret =3D virDomainHostdevSubsysSCSIiSCSIDefParseXML(sourcenode, scs= isrc, ctxt); else ret =3D virDomainHostdevSubsysSCSIHostDefParseXML(sourcenode, scsi= src); @@ -7550,7 +7552,7 @@ virDomainHostdevDefParseXMLSubsys(xmlNodePtr node, break; case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI: - if (virDomainHostdevSubsysSCSIDefParseXML(sourcenode, scsisrc) < 0) + if (virDomainHostdevSubsysSCSIDefParseXML(sourcenode, scsisrc, ctx= t) < 0) goto error; break; @@ -8540,7 +8542,8 @@ virDomainDiskSourceNetworkParse(xmlNodePtr node, static int virDomainDiskSourceAuthParse(xmlNodePtr node, - virStorageAuthDefPtr *authdefsrc) + virStorageAuthDefPtr *authdefsrc, + xmlXPathContextPtr ctxt) { xmlNodePtr child; virStorageAuthDefPtr authdef; 
@@ -8549,7 +8552,7 @@ virDomainDiskSourceAuthParse(xmlNodePtr node, if (child->type =3D=3D XML_ELEMENT_NODE && virXMLNodeNameEqual(child, "auth")) { - if (!(authdef =3D virStorageAuthDefParse(node->doc, child))) + if (!(authdef =3D virStorageAuthDefParse(child, ctxt))) return -1; *authdefsrc =3D authdef; @@ -8653,7 +8656,7 @@ virDomainDiskSourceParse(xmlNodePtr node, goto cleanup; } - if (virDomainDiskSourceAuthParse(node, &src->auth) < 0) + if (virDomainDiskSourceAuthParse(node, &src->auth, ctxt) < 0) goto cleanup; if (virDomainDiskSourceEncryptionParse(node, &src->encryption) < 0) @@ -9401,7 +9404,7 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, goto error; } - if (!(authdef =3D virStorageAuthDefParse(node->doc, cur))) + if (!(authdef =3D virStorageAuthDefParse(cur, ctxt))) goto error; } else if (virXMLNodeNameEqual(cur, "iotune")) { if (virDomainDiskDefIotuneParse(def, ctxt) < 0) diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c index b9135722c1..f1f469d462 100644 --- a/src/conf/storage_conf.c +++ b/src/conf/storage_conf.c @@ -527,7 +527,7 @@ virStoragePoolDefParseSource(xmlXPathContextPtr ctxt, } if ((authnode =3D virXPathNode("./auth", ctxt))) { - if (!(authdef =3D virStorageAuthDefParse(node->doc, authnode))) + if (!(authdef =3D virStorageAuthDefParse(authnode, ctxt))) goto cleanup; if (authdef->authType =3D=3D VIR_STORAGE_AUTH_TYPE_NONE) { diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 3d17911297..67b9ec71ac 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c 
@@ -1809,16 +1809,20 @@ virStorageAuthDefCopy(const virStorageAuthDef *src) } -static virStorageAuthDefPtr -virStorageAuthDefParseXML(xmlXPathContextPtr ctxt) +virStorageAuthDefPtr +virStorageAuthDefParse(xmlNodePtr node, + xmlXPathContextPtr ctxt) { + xmlNodePtr saveNode =3D ctxt->node; virStorageAuthDefPtr authdef =3D NULL; virStorageAuthDefPtr ret =3D NULL; xmlNodePtr secretnode =3D NULL; char *authtype =3D NULL; + ctxt->node =3D node; + if (VIR_ALLOC(authdef) < 0) - return NULL; + goto cleanup; if (!(authdef->username =3D virXPathString("string(./@username)", ctxt= ))) { virReportError(VIR_ERR_XML_ERROR, "%s", @@ -1862,32 +1866,12 @@ virStorageAuthDefParseXML(xmlXPathContextPtr ctxt) cleanup: VIR_FREE(authtype); virStorageAuthDefFree(authdef); + ctxt->node =3D saveNode; return ret; } -virStorageAuthDefPtr -virStorageAuthDefParse(xmlDocPtr xml, xmlNodePtr root) -{ - xmlXPathContextPtr ctxt =3D NULL; - virStorageAuthDefPtr authdef =3D NULL; - - ctxt =3D xmlXPathNewContext(xml); - if (ctxt =3D=3D NULL) { - virReportOOMError(); - goto cleanup; - } - - ctxt->node =3D root; - authdef =3D virStorageAuthDefParseXML(ctxt); - - cleanup: - xmlXPathFreeContext(ctxt); - return authdef; -} - - void virStorageAuthDefFormat(virBufferPtr buf, virStorageAuthDefPtr authdef) diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h index 0095cd1387..596746ccb7 100644 --- a/src/util/virstoragefile.h +++ b/src/util/virstoragefile.h 
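Review bot: virStorageAuthDefParse now dereferences `ctxt` in its first declaration (`xmlNodePtr saveNode = ctxt->node;`) and no longer builds a context from the node's own document, so the caller must pass a non-NULL context that belongs to the same document as `node`. Nothing in the new code or in the virstoragefile.h prototype states this. A comment above the definition would record the contract, for example `/* @ctxt must be non-NULL and belong to the document containing @node; ctxt->node is saved on entry and restored before returning. */`. The restore `ctxt->node = saveNode;` exists only under the `cleanup:` label (second hunk, -1862), and the middle of the function lies outside both hunks. It is worth confirming that every error path there uses `goto cleanup` rather than a direct return, as the `VIR_ALLOC` failure path now does. A missed one would leave the caller's context positioned on the `<auth>` element, so the caller's later relative XPath lookups would silently evaluate against the wrong node.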
@@ -366,7 +366,8 @@ int virStorageFileGetSCSIKey(const char *path, void virStorageAuthDefFree(virStorageAuthDefPtr def); virStorageAuthDefPtr virStorageAuthDefCopy(const virStorageAuthDef *src); -virStorageAuthDefPtr virStorageAuthDefParse(xmlDocPtr xml, xmlNodePtr root= ); +virStorageAuthDefPtr virStorageAuthDefParse(xmlNodePtr node, + xmlXPathContextPtr ctxt); void virStorageAuthDefFormat(virBufferPtr buf, virStorageAuthDefPtr authde= f); virSecurityDeviceLabelDefPtr --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list