[PATCH] virsh: snapshot: Don't validate schema of XML generated by 'virsh snapshot-create-as'
Ján Tomko
jtomko at redhat.com
Thu Apr 15 13:45:53 UTC 2021
On a Thursday in 2021, Peter Krempa wrote:
>Commit 95f8e3237e5486f487324c6 which introduced XML schema validation
>for snapshot XMLs always asserted the validation for the XML generated
>by 'virsh snapshot-create-as' on the basis that it's libvirt-generated,
>thus valid.
>
>This unfortunately isn't true as users can influence certain bits of the
>XML such as the disk image path which must be a full path. Thus if a
>user tries to invoke virsh as:
>
> $ virsh snapshot-create-as upstream --diskspec vda,file=relative.qcow2
> error: XML document failed to validate against schema: Unable to validate doc against /path/to/domainsnapshot.rng
> Extra element disks in interleave
> Element domainsnapshot failed to validate content
>
>They get a rather useless error from the libxml2 RNG validator.
>
>With this fix applied, we get to the XML parser in libvirtd which has a
>more reasonable error:
>
> $ virsh snapshot-create-as upstream --diskspec vda,file=relative.qcow2
> error: XML error: disk snapshot image path 'relative.qcow2' must be absolute
>
>Instead users can force validation of the XML generated by 'virsh
>snapshot-create-as' by passing the '--validate' flag.
>
>Signed-off-by: Peter Krempa <pkrempa at redhat.com>
>---
> docs/manpages/virsh.rst | 4 +++-
> tools/virsh-snapshot.c | 8 +++++++-
> 2 files changed, 10 insertions(+), 2 deletions(-)
>
Reviewed-by: Ján Tomko <jtomko at redhat.com>
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20210415/88477beb/attachment-0001.sig>
More information about the libvir-list
mailing list