On Mon, Jul 08, 2019 at 22:12:38 -0500, Eric Blake wrote: > On 7/8/19 2:56 AM, Peter Krempa wrote: > > On Fri, Jul 05, 2019 at 23:37:31 -0500, Eric Blake wrote: > >> We've been doing a terrible job of performing XML validation in our > >> various API that parse XML with a corresponding schema (we started > >> with domains back in commit dd69a14f, v1.2.12, but didn't catch all > >> domain-related APIs, and didn't cover other XMLM). New APIs (like [...] > >> @@ -366,7 +379,7 @@ cmdSnapshotCreateAs(vshControl *ctl, const vshCmd *cmd) > >> const char *desc = NULL; > >> const char *memspec = NULL; > >> virBuffer buf = VIR_BUFFER_INITIALIZER; > >> - unsigned int flags = 0; > >> + unsigned int flags = VIR_DOMAIN_SNAPSHOT_CREATE_VALIDATE; > > > > ... just to validate something we always generated ourselves. > > ...but I can drop the use here, if you think we are safe. > > > > > ACK if you remove the use of the flag in cmdSnapshotCreateAs. Other are > > at your discretion. Hmm, on a second thought, the XML is created from user-provided bits which may be validated insufficiently, so if you didn't follow through on this one you can use my ACK even with the compat glue and explicit validation.
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
