External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-21 19:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

virSecurityLabelDefParseXML: Don't use 'virXPathStringLimit'

Browse Source 
virXPathStringLimit doesn't give callers a way to differentiate between
the queried XPath being empty and the length limit being exceeded.

This means that callers are either overwriting the error message or
ignoring it altogether.

Move the length checks into the caller.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Peter Krempa 2021-11-22 17:26:40 +01:00
parent 8f9bc6e5f6
commit a0e84f21b2
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/conf/domain_conf.c
View File

@ -7871,9 +7871,9 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
if (seclabel->type == VIR_DOMAIN_SECLABEL_STATIC ||
(!(flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) &&
seclabel->type != VIR_DOMAIN_SECLABEL_NONE)) {
seclabel->label = virXPathStringLimit("string(./label[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (!seclabel->label) {
seclabel->label = virXPathString("string(./label[1])", ctxt);
if (!seclabel->label ||
strlen(seclabel->label) >= VIR_SECURITY_LABEL_BUFLEN - 1) {
virReportError(VIR_ERR_XML_ERROR,
"%s", _("security label is missing"));
return NULL;
@ -7884,9 +7884,10 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
if (seclabel->relabel &&
(!(flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) &&
seclabel->type != VIR_DOMAIN_SECLABEL_NONE)) {
seclabel->imagelabel = virXPathStringLimit("string(./imagelabel[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (!seclabel->imagelabel) {
seclabel->imagelabel = virXPathString("string(./imagelabel[1])", ctxt);
if (!seclabel->imagelabel ||
strlen(seclabel->imagelabel) >= VIR_SECURITY_LABEL_BUFLEN - 1) {
virReportError(VIR_ERR_XML_ERROR,
"%s", _("security imagelabel is missing"));
return NULL;
@ -7895,8 +7896,11 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
/* Only parse baselabel for dynamic label type */
if (seclabel->type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
seclabel->baselabel = virXPathStringLimit("string(./baselabel[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
seclabel->baselabel = virXPathString("string(./baselabel[1])", ctxt);
if (seclabel->baselabel &&
strlen(seclabel->baselabel) >= VIR_SECURITY_LABEL_BUFLEN - 1)
g_clear_pointer(&seclabel->baselabel, g_free);
}
return g_steal_pointer(&seclabel);