[libvirt] [PATCH 5/6] util: storage: Sanitize parsing of disk encryption XMLs

Peter Krempa pkrempa at redhat.com
Tue Mar 6 14:27:14 UTC 2018


Pass in the XPath context as we do in all other places rather than
allocating a new one.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/conf/domain_conf.c          |  9 +++++----
 src/conf/storage_conf.c         |  3 +--
 src/util/virstorageencryption.c | 37 ++++++++-----------------------------
 src/util/virstorageencryption.h |  4 ++--
 4 files changed, 16 insertions(+), 37 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 31b2590a13..f5bc6148a2 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8542,7 +8542,8 @@ virDomainDiskSourceNetworkParse(xmlNodePtr node,

 static int
 virDomainDiskSourceEncryptionParse(xmlNodePtr node,
-                                   virStorageEncryptionPtr *encryptionsrc)
+                                   virStorageEncryptionPtr *encryptionsrc,
+                                   xmlXPathContextPtr ctxt)
 {
     xmlNodePtr child;
     virStorageEncryptionPtr encryption = NULL;
@@ -8551,7 +8552,7 @@ virDomainDiskSourceEncryptionParse(xmlNodePtr node,
         if (child->type == XML_ELEMENT_NODE &&
             virXMLNodeNameEqual(child, "encryption")) {

-            if (!(encryption = virStorageEncryptionParseNode(node->doc, child)))
+            if (!(encryption = virStorageEncryptionParseNode(child, ctxt)))
                 return -1;

             *encryptionsrc = encryption;
@@ -8637,7 +8638,7 @@ virDomainDiskSourceParse(xmlNodePtr node,
         !(src->auth = virStorageAuthDefParse(tmp, ctxt)))
         goto cleanup;

-    if (virDomainDiskSourceEncryptionParse(node, &src->encryption) < 0)
+    if (virDomainDiskSourceEncryptionParse(node, &src->encryption, ctxt) < 0)
         goto cleanup;

     if (virDomainDiskSourcePrivateDataParse(ctxt, src, flags, xmlopt) < 0)
@@ -9408,7 +9409,7 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
                 goto error;
             }

-            if (!(encryption = virStorageEncryptionParseNode(node->doc, cur)))
+            if (!(encryption = virStorageEncryptionParseNode(cur, ctxt)))
                 goto error;
         } else if (!serial &&
                    virXMLNodeNameEqual(cur, "serial")) {
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c
index f1f469d462..5036ab9ef8 100644
--- a/src/conf/storage_conf.c
+++ b/src/conf/storage_conf.c
@@ -1209,8 +1209,7 @@ virStorageVolDefParseXML(virStoragePoolDefPtr pool,

     node = virXPathNode("./target/encryption", ctxt);
     if (node != NULL) {
-        ret->target.encryption = virStorageEncryptionParseNode(ctxt->doc,
-                                                               node);
+        ret->target.encryption = virStorageEncryptionParseNode(node, ctxt);
         if (ret->target.encryption == NULL)
             goto error;
     }
diff --git a/src/util/virstorageencryption.c b/src/util/virstorageencryption.c
index f3de5ff7a7..77c46faf8e 100644
--- a/src/util/virstorageencryption.c
+++ b/src/util/virstorageencryption.c
@@ -242,9 +242,11 @@ virStorageEncryptionInfoParseIvgen(xmlNodePtr info_node,
 }


-static virStorageEncryptionPtr
-virStorageEncryptionParseXML(xmlXPathContextPtr ctxt)
+virStorageEncryptionPtr
+virStorageEncryptionParseNode(xmlNodePtr node,
+                              xmlXPathContextPtr ctxt)
 {
+    xmlNodePtr saveNode = ctxt->node;
     xmlNodePtr *nodes = NULL;
     virStorageEncryptionPtr encdef = NULL;
     virStorageEncryptionPtr ret = NULL;
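Review bot: `xmlNodePtr saveNode = ctxt->node;` dereferences `ctxt` in the initializer, before anything in the function could reject a NULL context. The removed wrapper allocated its own context and reported a failure to do so, so the parser could never see a NULL one; that guarantee now rests on every caller. The callers visible in this patch all pass a context they already use, so this is a contract to state rather than a live bug: marking the prototype in virstorageencryption.h with `ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2)` would make it checkable. The function body continues outside this hunk.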
@@ -252,6 +254,8 @@ virStorageEncryptionParseXML(xmlXPathContextPtr ctxt)
     int n;
     size_t i;

+    ctxt->node = node;
+
     if (VIR_ALLOC(encdef) < 0)
         goto cleanup;

@@ -311,34 +315,9 @@ virStorageEncryptionParseXML(xmlXPathContextPtr ctxt)
     VIR_FREE(format_str);
     VIR_FREE(nodes);
     virStorageEncryptionFree(encdef);
-    return ret;
-}
-
-virStorageEncryptionPtr
-virStorageEncryptionParseNode(xmlDocPtr xml, xmlNodePtr root)
-{
-    xmlXPathContextPtr ctxt = NULL;
-    virStorageEncryptionPtr enc = NULL;
-
-    if (STRNEQ((const char *) root->name, "encryption")) {
-        virReportError(VIR_ERR_XML_ERROR,
-                       "%s", _("unknown root element for volume "
-                               "encryption information"));
-        goto cleanup;
-    }
+    ctxt->node = saveNode;

-    ctxt = xmlXPathNewContext(xml);
-    if (ctxt == NULL) {
-        virReportOOMError();
-        goto cleanup;
-    }
-
-    ctxt->node = root;
-    enc = virStorageEncryptionParseXML(ctxt);
-
- cleanup:
-    xmlXPathFreeContext(ctxt);
-    return enc;
+    return ret;
 }
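Review bot: The removed wrapper rejected any node not named `encryption` with VIR_ERR_XML_ERROR, and the now-public virStorageEncryptionParseNode has no equivalent check, so it parses whatever node it is handed. The callers in virDomainDiskSourceEncryptionParse and virStorageVolDefParseXML select the node by name, but the name test for `cur` in virDomainDiskDefParseXML lies outside the visible hunk and should be confirmed. Because this function parses encryption settings out of domain and volume XML, I would document the precondition on it, e.g. `/* @node must be an <encryption> element; ctxt->node is set to @node during the call and restored before returning. */`. The restore `ctxt->node = saveNode;` appears to sit on the cleanup path, but the `cleanup:` label is outside this hunk, so check that every early exit reaches it.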


diff --git a/src/util/virstorageencryption.h b/src/util/virstorageencryption.h
index 42f990c494..1c0a39c32e 100644
--- a/src/util/virstorageencryption.h
+++ b/src/util/virstorageencryption.h
@@ -83,8 +83,8 @@ virStorageEncryptionPtr virStorageEncryptionCopy(const virStorageEncryption *src

 void virStorageEncryptionFree(virStorageEncryptionPtr enc);

-virStorageEncryptionPtr virStorageEncryptionParseNode(xmlDocPtr xml,
-                                                      xmlNodePtr root);
+virStorageEncryptionPtr virStorageEncryptionParseNode(xmlNodePtr node,
+                                                      xmlXPathContextPtr ctxt);
 int virStorageEncryptionFormat(virBufferPtr buf,
                                virStorageEncryptionPtr enc);

-- 
2.16.2



