Commit Graph

14 Commits

Author SHA1 Message Date
Ladi Prosek
5ae2d9c259 hyperv: Escape WQL queries
The code was vulnerable to SQL injection. Likely not a security issue due to
WMI SQL and other constraints but still lame. For example:

  virsh # dominfo \"
  error: failed to get domain '"'
  error: internal error: SOAP fault during enumeration: code 's:Sender', subcode
  'n:CannotProcessFilter', reason 'The data source could not process the filter.
  The filter might be missing or it might be invalid. Change the filter and try
  the request again.  ', detail 'The WS-Management service cannot process the
  request. The WQL query is invalid. '

This commit fixes the Hyper-V driver by escaping all WMI SQL string parameters.

The same command with the fix:

  virsh # dominfo \"
  error: failed to get domain '"'
  error: Domain not found: No domain with name "

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
2017-10-16 10:29:32 -04:00
Martin Kletzander
7addfa195b util: Umark virBufferCheckErrorInternal as ATTRIBUTE_RETURN_CHECK
The function is useful even without using the return value.  And if
needed, the return value can be obtained by other calls as well.  The
potential for clean-up can be seen in the following patch.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2017-08-29 11:17:16 +02:00
Pavel Hrdina
ef3ea17f62 util: introduce virBufferSetChildIndent macro
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2017-08-28 14:02:34 +02:00
Peter Krempa
3c60388591 util: buffer: Add virBufferStrcatVArgs
Split out the worker loop into a separate function and export it.

Reviewed-by: Eric Blake <eblake@redhat.com>
2017-07-27 09:31:14 +02:00
Pavel Hrdina
0918b84968 util: introduce virBufferEscapeRegex
Add a helper to escape all possible meta-characters used for
POSIX extended regular expressions.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2017-05-12 16:54:33 +02:00
Peter Krempa
91e7862c15 util: buffer: Add API to set indentation level to a given value
It will be useful to set indentation level to 0 after formatting a
nested structure rather than having to track the depth.
2017-03-27 09:29:57 +02:00
Pavel Hrdina
726403461b util: virbuffer: introduce virBufferEscapeN
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2017-02-24 12:58:23 +01:00
Peter Krempa
6ff59cbc83 util: buffer: Add support for adding text blocks with indentation
The current auto-indentation buffer code applies indentation only on
complete strings. To allow adding a string containing newlines and
having it properly indented this patch adds virBufferAddStr.
2015-03-25 15:42:52 +01:00
Michal Privoznik
83c5467ee9 util: Introduce virBufferAddBuffer
This API joins the following two lines:

char *s = virBufferContentAndReset(buf1);
virBufferAdd(buf2, s, -1);

into one:

virBufferAddBuffer(buf2, buf1);

With one exception: there's no re-indentation applied to @buf1.
The idea is, that in general both can have different indentation
(like the test I'm adding proves)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-02-25 09:23:42 +01:00
Eric Blake
4b772e469d maint: fix comment typo
* src/util/virbuffer.h: s/occured/occurred/

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-08-23 14:29:24 -06:00
Ján Tomko
058d89b9df Introduce virBufferCheckError
Check if the buffer is in error state and report an error if it is.

This replaces the pattern:
if (virBufferError(buf)) {
    virReportOOMError();
    goto cleanup;
}
with:

if (virBufferCheckError(buf) < 0)
    goto cleanup;

Document typical buffer usage to favor this.
Also remove the redundant FreeAndReset - if an error has
been set via virBufferSetError, the content is already freed.
2014-07-03 10:41:15 +02:00
Eric Blake
1b0bc4169f maint: avoid 'const fooPtr' in several util files
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can).  But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).

Fix up offenders in src/util outside of the virnet namespace.

Also, make a few virSocketAddr functions const-correct, for easier
conversions in future patches.

* src/util/virbuffer.h (virBufferError, virBufferUse)
(virBufferGetIndent): Use intended type.
* src/util/virmacaddr.h (virMacAddrCmp, virMacAddrCmpRaw)
(virMacAddrSet, virMcAddrFormat, virMacAddrIsUnicast)
(virMacAddrIsMulticast): Likewise.
* src/util/virebtables.h (ebtablesAddForwardAllowIn)
(ebtablesRemoveForwardAllowIn): Likewise.
* src/util/virsocketaddr.h (virSocketAddrSetIPv4Addr): Drop
incorrect const.
(virMacAddrGetRaw, virSocketAddrFormat, virSocketAddrFormatFull):
Make const-correct.
(virSocketAddrMask, virSocketAddrMaskByPrefix)
(virSocketAddrBroadcast, virSocketAddrBroadcastByPrefix)
(virSocketAddrGetNumNetmaskBits, virSocketAddrGetIpPrefix)
(virSocketAddrEqual, virSocketAddrIsPrivate)
(virSocketAddrIsWildcard): Use intended type.
* src/util/virbuffer.c (virBufferError, virBufferUse)
(virBufferGetIndent): Fix fallout.
* src/util/virmacaddr.c (virMacAddrCmp, virMacAddrCmpRaw)
(virMacAddrSet, virMcAddrFormat, virMacAddrIsUnicast)
(virMacAddrIsMulticast): Likewise.
* src/util/virebtables.c (ebtablesAddForwardAllowIn)
(ebtablesRemoveForwardAllowIn): Likewise.
* src/util/virsocketaddr.c (virSocketAddrMask, virMacAddrGetRaw)
(virSocketAddrMaskByPrefix, virSocketAddrBroadcast)
(virSocketAddrBroadcastByPrefix, virSocketAddrGetNumNetmaskBits)
(virSocketAddrGetIpPrefix, virSocketAddrEqual)
(virSocketAddrIsPrivate, virSocketAddrIsWildcard)
(virSocketAddrGetIPv4Addr, virSocketAddrGetIPv6Addr)
(virSocketAddrFormat, virSocketAddrFormatFull): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-14 13:02:18 -06:00
Ján Tomko
d0d0413e48 util: switch virBufferTrim to void
We don't care whether the trim was succesful or not anywhere
except the tests.

Switch it to void and set the buffer error on wrong usage.
2013-06-19 09:21:09 +02:00
Daniel P. Berrange
2005f7b552 Rename buf.{c,h} to virbuffer.{c,h}
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-21 11:17:12 +00:00