提交 caefceb6 编写于 作者: D Daniel P. Berrange 提交者: Laine Stump

Don't ignore errors parsing nwfilter rules

For inexplicable reasons, the nwfilter XML parser is intentionally
ignoring errors that arise during parsing. As well as meaning that
users don't get any feedback on their XML mistakes, this will lead
it to silently drop data in OOM conditions.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 4f209434)
上级 f0367408
...@@ -2369,9 +2369,7 @@ virNWFilterRuleParse(xmlNodePtr node) ...@@ -2369,9 +2369,7 @@ virNWFilterRuleParse(xmlNodePtr node)
if (virNWFilterRuleDetailsParse(cur, if (virNWFilterRuleDetailsParse(cur,
ret, ret,
virAttr[i].att) < 0) { virAttr[i].att) < 0) {
/* we ignore malformed rules goto err_exit;
goto err_exit;
*/
} }
break; break;
} }
...@@ -2572,11 +2570,13 @@ virNWFilterDefParseXML(xmlXPathContextPtr ctxt) { ...@@ -2572,11 +2570,13 @@ virNWFilterDefParseXML(xmlXPathContextPtr ctxt) {
if (VIR_ALLOC(entry) < 0) if (VIR_ALLOC(entry) < 0)
goto cleanup; goto cleanup;
/* ignore malformed rule and include elements */ if (xmlStrEqual(curr->name, BAD_CAST "rule")) {
if (xmlStrEqual(curr->name, BAD_CAST "rule")) if (!(entry->rule = virNWFilterRuleParse(curr)))
entry->rule = virNWFilterRuleParse(curr); goto cleanup;
else if (xmlStrEqual(curr->name, BAD_CAST "filterref")) } else if (xmlStrEqual(curr->name, BAD_CAST "filterref")) {
entry->include = virNWFilterIncludeParse(curr); if (!(entry->include = virNWFilterIncludeParse(curr)))
goto cleanup;
}
if (entry->rule || entry->include) { if (entry->rule || entry->include) {
if (VIR_REALLOC_N(ret->filterEntries, ret->nentries+1) < 0) { if (VIR_REALLOC_N(ret->filterEntries, ret->nentries+1) < 0) {
......
...@@ -36,15 +36,12 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml, ...@@ -36,15 +36,12 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml,
virResetLastError(); virResetLastError();
if (!(dev = virNWFilterDefParseString(NULL, inXmlData))) if (!(dev = virNWFilterDefParseString(NULL, inXmlData))) {
if (expect_error) {
virResetLastError();
goto done;
}
goto fail; goto fail;
if (!!virGetLastError() != expect_error)
goto fail;
if (expect_error) {
/* need to suppress the errors */
virResetLastError();
} }
if (!(actual = virNWFilterDefFormat(dev))) if (!(actual = virNWFilterDefFormat(dev)))
...@@ -55,6 +52,7 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml, ...@@ -55,6 +52,7 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml,
goto fail; goto fail;
} }
done:
ret = 0; ret = 0;
fail: fail:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册