nwfilter_conf: add validation against schema in define

author Kristina Hanicova <khanicov@redhat.com>

Fri, 20 Aug 2021 11:57:08 +0000 (13:57 +0200)

committer Michal Privoznik <mprivozn@redhat.com>

Fri, 20 Aug 2021 13:38:53 +0000 (15:38 +0200)
author Kristina Hanicova <khanicov@redhat.com>
Fri, 20 Aug 2021 11:57:08 +0000 (13:57 +0200)
committer Michal Privoznik <mprivozn@redhat.com>
Fri, 20 Aug 2021 13:38:53 +0000 (15:38 +0200)
diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c

index 7d491e27b1c238fccbe85f968a8d602f76024a8e..a3109962afbf77cbd568ac69b304dd1d39b33165 100644 (file)
--- a/src/conf/nwfilter_conf.c
+++ b/src/conf/nwfilter_conf.c
@@ -2739,12 +2739,14 @@ virNWFilterDefParseNode(xmlDocPtr xml,
  
  static virNWFilterDef *
  virNWFilterDefParse(const char *xmlStr,
-                    const char *filename)
+                    const char *filename,
+                    unsigned int flags)
  {
      virNWFilterDef *def = NULL;
      g_autoptr(xmlDoc) xml = NULL;
  
-    if ((xml = virXMLParse(filename, xmlStr, _("(nwfilter_definition)"), NULL, false))) {
+    if ((xml = virXMLParse(filename, xmlStr, _("(nwfilter_definition)"), "nwfilter.rng",
+                           flags & VIR_NWFILTER_DEFINE_VALIDATE))) {
          def = virNWFilterDefParseNode(xml, xmlDocGetRootElement(xml));
      }
  
@@ -2753,16 +2755,17 @@ virNWFilterDefParse(const char *xmlStr,
  
  
  virNWFilterDef *
-virNWFilterDefParseString(const char *xmlStr)
+virNWFilterDefParseString(const char *xmlStr,
+                          unsigned int flags)
  {
-    return virNWFilterDefParse(xmlStr, NULL);
+    return virNWFilterDefParse(xmlStr, NULL, flags);
  }
  
  
  virNWFilterDef *
  virNWFilterDefParseFile(const char *filename)
  {
-    return virNWFilterDefParse(NULL, filename);
+    return virNWFilterDefParse(NULL, filename, 0);
  }
  
  
diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h

index 8d5684eb4e5f0bf2850e0ba1c5016a60017a62ec..bbe12284a55debfc90c641233fd180c133402e70 100644 (file)
--- a/src/conf/nwfilter_conf.h
+++ b/src/conf/nwfilter_conf.h
@@ -546,7 +546,8 @@ virNWFilterSaveConfig(const char *configDir,
                        virNWFilterDef *def);
  
  virNWFilterDef *
-virNWFilterDefParseString(const char *xml);
+virNWFilterDefParseString(const char *xml,
+                          unsigned int flags);
  
  virNWFilterDef *
  virNWFilterDefParseFile(const char *filename);
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c

index 25391c9adfdd18efbf0d17d35848be40e4d86300..665a962f4a728d91ad0a3b018dd9399535a9ce34 100644 (file)
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -547,7 +547,7 @@ nwfilterDefineXMLFlags(virConnectPtr conn,
      nwfilterDriverLock();
      virNWFilterWriteLockFilterUpdates();
  
-    if (!(def = virNWFilterDefParseString(xml)))
+    if (!(def = virNWFilterDefParseString(xml, 0)))
          goto cleanup;
  
      if (virNWFilterDefineXMLFlagsEnsureACL(conn, def) < 0)
author	Kristina Hanicova <khanicov@redhat.com>
	Fri, 20 Aug 2021 11:57:08 +0000 (13:57 +0200)
committer	Michal Privoznik <mprivozn@redhat.com>
	Fri, 20 Aug 2021 13:38:53 +0000 (15:38 +0200)
src/conf/nwfilter_conf.c		patch \| blob \| blame \| history
src/conf/nwfilter_conf.h		patch \| blob \| blame \| history
src/nwfilter/nwfilter_driver.c		patch \| blob \| blame \| history