On Wed, May 06, 2015 at 02:28:04PM -0400, John Ferlan wrote: > > > On 05/05/2015 11:04 AM, Pavel Hrdina wrote: > > We should escape strings for those two elements to be consistent along > > the whole XML. > > > > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1197580 > > > > The bz mentions two other paths which I don't see in the patch below... > > 1. /domain/devices/hostdev/rom/file - not escaped in > virDomainDeviceInfoFormat > > 2. /domain/devices/source/seclabel/model - not escaped in > virSecurityDeviceLabelDefFormat. Although there is an escape in > virSecurityLabelDefFormat, but that's a different path... > > > > Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx> > > --- > > src/conf/cpu_conf.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > ACK to what's here, but I would think we should address the other two as > well... > Thanks for review. I'll also update those two places and I'll try to find any other virBufferAsprintf that should be replaced by virBufferEscapeString. Pavel > John > > diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c > > index e959ecc..34725c0 100644 > > --- a/src/conf/cpu_conf.c > > +++ b/src/conf/cpu_conf.c > > @@ -547,14 +547,14 @@ virCPUDefFormatBuf(virBufferPtr buf, > > virBufferAsprintf(buf, " vendor_id='%s'", def->vendor_id); > > } > > if (formatModel && def->model) { > > - virBufferAsprintf(buf, ">%s</model>\n", def->model); > > + virBufferEscapeString(buf, ">%s</model>\n", def->model); > > } else { > > virBufferAddLit(buf, "/>\n"); > > } > > } > > > > if (formatModel && def->vendor) > > - virBufferAsprintf(buf, "<vendor>%s</vendor>\n", def->vendor); > > + virBufferEscapeString(buf, "<vendor>%s</vendor>\n", def->vendor); > > > > if (def->sockets && def->cores && def->threads) { > > virBufferAddLit(buf, "<topology"); > > -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list