[PATCH 10/12] virSecurityDeviceLabelDefParseXML: Don't use 'virXPathStringLimit'
Peter Krempa
pkrempa at redhat.com
Mon Nov 22 17:12:30 UTC 2021
virXPathStringLimit doesn't give callers a way to differentiate between
the queried XPath being empty and the length limit being exceeded.
This means that the callers is completely ignoring the error.
Move the length check into the caller.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/conf/domain_conf.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e829511ac5..d6eefed398 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8066,9 +8066,10 @@ virSecurityDeviceLabelDefParseXML(virSecurityDeviceLabelDef ***seclabels_rtn,
ignore_value(virStringParseYesNo(labelskip, &seclabels[i]->labelskip));
ctxt->node = list[i];
- label = virXPathStringLimit("string(./label)",
- VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
- seclabels[i]->label = g_steal_pointer(&label);
+ label = virXPathString("string(./label)", ctxt);
+
+ if (label && strlen(label) < VIR_SECURITY_LABEL_BUFLEN)
+ seclabels[i]->label = g_steal_pointer(&label);
if (seclabels[i]->label && !seclabels[i]->relabel) {
virReportError(VIR_ERR_XML_ERROR,
--
2.31.1
More information about the libvir-list
mailing list