From 798d87539d08ba848712e42bd50c6181c060086d Mon Sep 17 00:00:00 2001
From: Pavel Hrdina
Date: Thu, 6 Mar 2025 12:55:25 +0100
Subject: [PATCH] domain_conf: graphics: properly escape user provided strings when formatting XML
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

This was reported on virt-manager issue tracker as it was possible to provide `listen` attribute with properly escaped characters but libvirt would format XML without escaping it.

Signed-off-by: Pavel Hrdina
Reviewed-by: Ján Tomko
---
 src/conf/domain_conf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 278d3bd4e9..7eb6d4c91a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -26340,7 +26340,7 @@ virDomainGraphicsListenDefFormat(virBuffer *buf,
 !(flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE)))) {
 /* address may also be set to show current status when type='network',
 * but we don't want to print that if INACTIVE data is requested. */
- virBufferAsprintf(&attrBuf, " address='%s'", def->address);
+ virBufferEscapeString(&attrBuf, " address='%s'", def->address);
 }

 if (def->network &&
@@ -26429,7 +26429,7 @@ virDomainGraphicsListenDefFormatAddr(virBuffer *buf,
 return;

 if (glisten->address)
- virBufferAsprintf(buf, " listen='%s'", glisten->address);
+ virBufferEscapeString(buf, " listen='%s'", glisten->address);
 }

 static void
-- 
2.47.3
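Review bot: No regression test accompanies the escaping fix in virDomainGraphicsListenDefFormat: the diffstat lists only src/conf/domain_conf.c, so nothing pins the escaped output of the ` address='%s'` call here or of the ` listen='%s'` call in virDomainGraphicsListenDefFormatAddr. A test domain XML whose listen address contains `&`, `<` or a quote character, parsed and formatted back, would keep a later refactor from reintroducing raw user-provided text into the generated XML. The guarding condition starts before the hunk and the `def->network` branch continues after it, so whether the neighbouring attributes in this function are already escaped cannot be confirmed from here and is worth checking in the same pass.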
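Review bot: The `if (glisten->address)` guard directly above the changed call in virDomainGraphicsListenDefFormatAddr looks redundant now, assuming virBufferEscapeString keeps its usual behaviour of appending nothing when the string argument is NULL. The two lines could then collapse to the unconditional `virBufferEscapeString(buf, " listen='%s'", glisten->address);`, matching how optional attributes are commonly formatted with this helper. This is a style point only. The function starts before the hunk, so the conditions leading to the early `return;` are not visible here.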