qemu: Escape commas for qemuBuildSmartcardCommandLine

Add comma escaping for smartcard->data.cert.file[i] and
smartcard->data.cert.database.

Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 40e8f8fccf992fe68f878ac31ed55926cdfe05f0..a9a5e200e98e0f6395ef98d2abcd09e896e1e879 100644 (file)
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -8716,29 +8716,16 @@ qemuBuildSmartcardCommandLine(virLogManagerPtr logManager,
 
         virBufferAddLit(&opt, "ccid-card-emulated,backend=certificates");
         for (i = 0; i < VIR_DOMAIN_SMARTCARD_NUM_CERTIFICATES; i++) {
-            if (strchr(smartcard->data.cert.file[i], ',')) {
-                virBufferFreeAndReset(&opt);
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                               _("invalid certificate name: %s"),
-                               smartcard->data.cert.file[i]);
-                return -1;
-            }
-            virBufferAsprintf(&opt, ",cert%zu=%s", i + 1,
-                              smartcard->data.cert.file[i]);
+            virBufferAsprintf(&opt, ",cert%zu=", i + 1);
+            virQEMUBuildBufferEscapeComma(&opt, smartcard->data.cert.file[i]);
         }
         if (smartcard->data.cert.database) {
-            if (strchr(smartcard->data.cert.database, ',')) {
-                virBufferFreeAndReset(&opt);
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                               _("invalid database name: %s"),
-                               smartcard->data.cert.database);
-                return -1;
-            }
             database = smartcard->data.cert.database;
         } else {
             database = VIR_DOMAIN_SMARTCARD_DEFAULT_DATABASE;
         }
-        virBufferAsprintf(&opt, ",db=%s", database);
+        virBufferAddLit(&opt, ",db=");
+        virQEMUBuildBufferEscapeComma(&opt, database);
         break;
 
     case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:

diff --git a/tests/qemuxml2argvdata/name-escape.args b/tests/qemuxml2argvdata/name-escape.args
index 35a13b25332002f20176f3ccfab6ee722532b819..d3b908a7e68484b9ae7af262c2aebfa2cc38d5dd 100644 (file)
--- a/tests/qemuxml2argvdata/name-escape.args
+++ b/tests/qemuxml2argvdata/name-escape.args
@@ -22,7 +22,10 @@ bar=2/monitor.sock,server,nowait \
 -no-shutdown \
 -no-acpi \
 -boot c \
+-device usb-ccid,id=ccid0,bus=usb.0,port=1 \
 -usb \
+-device ccid-card-emulated,backend=certificates,cert1=cert1,,foo,cert2=cert2,\
+cert3=cert3,db=/etc/pki/nssdb,,foo,id=smartcard0,bus=ccid0.0 \
 -chardev tty,id=charserial0,path=/dev/ttyS2,,foo \
 -device isa-serial,chardev=charserial0,id=serial0 \
 -chardev file,id=charserial1,path=/tmp/serial.log,,foo,append=on \

diff --git a/tests/qemuxml2argvdata/name-escape.xml b/tests/qemuxml2argvdata/name-escape.xml
index 79c1b34458e150a34176c66d091b8f9734590731..9ca7be596806a5a210d6a251fb76a25880151a89 100644 (file)
--- a/tests/qemuxml2argvdata/name-escape.xml
+++ b/tests/qemuxml2argvdata/name-escape.xml
@@ -31,5 +31,11 @@
       <source path='/tmp/guestfwd,foo'/>
       <target type='guestfwd' address='10.0.2.1' port='4600'/>
     </channel>
+    <smartcard mode='host-certificates'>
+      <certificate>cert1,foo</certificate>
+      <certificate>cert2</certificate>
+      <certificate>cert3</certificate>
+      <database>/etc/pki/nssdb,foo</database>
+    </smartcard>
   </devices>
 </domain>

diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 18888872db05719ce3037593f53c5086ec64a741..b4b98152e66988a16c87354cbf626ca1fc247acd 100644 (file)
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2764,7 +2764,8 @@ mymain(void)
             QEMU_CAPS_SPICE,
             QEMU_CAPS_SPICE_UNIX,
             QEMU_CAPS_DEVICE_ISA_SERIAL,
-            QEMU_CAPS_CHARDEV_FILE_APPEND);
+            QEMU_CAPS_CHARDEV_FILE_APPEND,
+            QEMU_CAPS_CCID_EMULATED);
     DO_TEST("debug-threads", QEMU_CAPS_NAME_DEBUG_THREADS);
 
     DO_TEST("master-key", QEMU_CAPS_OBJECT_SECRET);