[libvirt] [PATCH 3/3] Use virBufferEscapeShell in virNetSocketNewConnectSSH

Wed Oct 12 22:40:20 UTC 2011

to escape the netcat command since it's passed to the shell. Adjust
expected test case output accordingly.
---
 src/rpc/virnetsocket.c   |   25 ++++++++++++++++++++-----
 tests/virnetsockettest.c |   10 +++++-----
 2 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index ea653da..0105e45 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -612,7 +612,10 @@ int virNetSocketNewConnectSSH(const char *nodename,
                               const char *path,
                               virNetSocketPtr *retsock)
 {
+    char *quoted;
     virCommandPtr cmd;
+    virBuffer buf = VIR_BUFFER_INITIALIZER;
+
     *retsock = NULL;
 
     cmd = virCommandNew(binary ? binary : "ssh");
@@ -636,6 +639,19 @@ int virNetSocketNewConnectSSH(const char *nodename,
         virCommandAddArgList(cmd, "-o", "StrictHostKeyChecking=no", NULL);
 
     virCommandAddArgList(cmd, nodename, "sh", "-c", NULL);
+
+    virBufferEscapeShell(&buf, netcat ? netcat : "nc");
+    if (virBufferError(&buf)) {
+        virBufferFreeAndReset(&buf);
+        virReportOOMError();
+        return -1;
+    }
+    quoted = virBufferContentAndReset(&buf);
+    if (quoted == NULL) {
+        virReportOOMError();
+        return -1;
+    }
+
     /*
      * This ugly thing is a shell script to detect availability of
      * the -q option for 'nc': debian and suse based distros need this
@@ -647,14 +663,13 @@ int virNetSocketNewConnectSSH(const char *nodename,
      * behavior.
      */
     virCommandAddArgFormat(cmd,
-         "'if %s -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then"
+         "'if '%s' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then"
          "     ARG=-q0;"
          "fi;"
-         "%s $ARG -U %s'",
-         netcat ? netcat : "nc",
-         netcat ? netcat : "nc",
-         path);
+         "'%s' $ARG -U %s'",
+         quoted, quoted, path);
 
+    VIR_FREE(quoted);
     return virNetSocketNewConnectCommand(cmd, retsock);
 }
 
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
index b3a2705..c063e74 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -496,7 +496,7 @@ mymain(void)
     struct testSSHData sshData1 = {
         .nodename = "somehost",
         .path = "/tmp/socket",
-        .expectOut = "somehost sh -c 'if nc -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;nc $ARG -U /tmp/socket'\n",
+        .expectOut = "somehost sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;'nc' $ARG -U /tmp/socket'\n",
     };
     if (virtTestRun("SSH test 1", 1, testSocketSSH, &sshData1) < 0)
         ret = -1;
@@ -509,7 +509,7 @@ mymain(void)
         .noTTY = true,
         .noVerify = false,
         .path = "/tmp/socket",
-        .expectOut = "-p 9000 -l fred -T -o BatchMode=yes -e none somehost sh -c 'if netcat -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;netcat $ARG -U /tmp/socket'\n",
+        .expectOut = "-p 9000 -l fred -T -o BatchMode=yes -e none somehost sh -c 'if 'netcat' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;'netcat' $ARG -U /tmp/socket'\n",
     };
     if (virtTestRun("SSH test 2", 1, testSocketSSH, &sshData2) < 0)
         ret = -1;
@@ -522,7 +522,7 @@ mymain(void)
         .noTTY = false,
         .noVerify = true,
         .path = "/tmp/socket",
-        .expectOut = "-p 9000 -l fred -o StrictHostKeyChecking=no somehost sh -c 'if netcat -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;netcat $ARG -U /tmp/socket'\n",
+        .expectOut = "-p 9000 -l fred -o StrictHostKeyChecking=no somehost sh -c 'if 'netcat' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;'netcat' $ARG -U /tmp/socket'\n",
     };
     if (virtTestRun("SSH test 3", 1, testSocketSSH, &sshData3) < 0)
         ret = -1;
@@ -538,7 +538,7 @@ mymain(void)
     struct testSSHData sshData5 = {
         .nodename = "crashyhost",
         .path = "/tmp/socket",
-        .expectOut = "crashyhost sh -c 'if nc -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;nc $ARG -U /tmp/socket'\n",
+        .expectOut = "crashyhost sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;'nc' $ARG -U /tmp/socket'\n",
 
         .dieEarly = true,
     };
@@ -550,7 +550,7 @@ mymain(void)
         .path = "/tmp/socket",
         .keyfile = "/root/.ssh/example_key",
         .noVerify = true,
-        .expectOut = "-i /root/.ssh/example_key -o StrictHostKeyChecking=no example.com sh -c 'if nc -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;nc $ARG -U /tmp/socket'\n",
+        .expectOut = "-i /root/.ssh/example_key -o StrictHostKeyChecking=no example.com sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then     ARG=-q0;fi;'nc' $ARG -U /tmp/socket'\n",
     };
     if (virtTestRun("SSH test 6", 1, testSocketSSH, &sshData6) < 0)
         ret = -1;
-- 
1.7.6.3


