[libvirt] [PATCH] qemu_monitor: Don't output snapshot format argument if type is NULL
Eric Blake
eblake at redhat.com
Tue Mar 27 12:18:32 UTC 2012
On 03/27/2012 05:49 AM, Peter Krempa wrote:
> If the snapshot format type string was NULL, the JSON framework created
> an invalid JSON string.
> ---
> The other option would be to fix qemuMonitorJSONMakeCommandRaw that string arguments with a NULL
> argument would suppress outputing the complete option, but I'm afraid of breaking something.
>
> Background:
> http://www.redhat.com/archives/libvir-list/2012-March/msg01198.html
Thanks for tracking this down.
Actually, I'd rather fix qemu_driver.c to guarantee that format is
always non-NULL (omitting the format argument means that qemu either
probes the file or hard-codes a default, and that carries risk, since in
the past, we've had CVEs where autoprobing of a raw file can mistakenly
result in treating the file as qcow2 and cause SELinux labeling of
unintended files).
I'll propose a counter-proposal patch later this morning. Let's wait
until we have both patches to compare before deciding which one to push.
--
Eric Blake eblake at redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120327/4db01ebf/attachment-0001.sig>
More information about the libvir-list
mailing list