From fef3a810c7cc50bfc7ad274e5d658d96d2db6698 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Mon, 10 Oct 2016 06:26:50 +0200 Subject: [PATCH] qemu: command: escape smbios entry strings We pass free-form strings from the users to qemu, thus we need escape commas since they are passed to qemu monitor. Partially resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1373535 --- src/qemu/qemu_command.c | 102 ++++++++++++++++++++++++++-------------- 1 file changed, 66 insertions(+), 36 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 1d1d508245..67f636ac55 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5621,17 +5621,25 @@ qemuBuildSmbiosBiosStr(virSysinfoBIOSDefPtr def) virBufferAddLit(&buf, "type=0"); /* 0:Vendor */ - if (def->vendor) - virBufferAsprintf(&buf, ",vendor=%s", def->vendor); + if (def->vendor) { + virBufferAddLit(&buf, ",vendor="); + virQEMUBuildBufferEscapeComma(&buf, def->vendor); + } /* 0:BIOS Version */ - if (def->version) - virBufferAsprintf(&buf, ",version=%s", def->version); + if (def->version) { + virBufferAddLit(&buf, ",version="); + virQEMUBuildBufferEscapeComma(&buf, def->version); + } /* 0:BIOS Release Date */ - if (def->date) - virBufferAsprintf(&buf, ",date=%s", def->date); + if (def->date) { + virBufferAddLit(&buf, ",date="); + virQEMUBuildBufferEscapeComma(&buf, def->date); + } /* 0:System BIOS Major Release and 0:System BIOS Minor Release */ - if (def->release) - virBufferAsprintf(&buf, ",release=%s", def->release); + if (def->release) { + virBufferAddLit(&buf, ",release="); + virQEMUBuildBufferEscapeComma(&buf, def->release); + } return virBufferContentAndReset(&buf); } @@ -5652,27 +5660,40 @@ qemuBuildSmbiosSystemStr(virSysinfoSystemDefPtr def, virBufferAddLit(&buf, "type=1"); /* 1:Manufacturer */ - if (def->manufacturer) - virBufferAsprintf(&buf, ",manufacturer=%s", - def->manufacturer); + if (def->manufacturer) { + virBufferAddLit(&buf, ",manufacturer="); + virQEMUBuildBufferEscapeComma(&buf, def->manufacturer); + } /* 1:Product Name */ - if (def->product) - virBufferAsprintf(&buf, ",product=%s", def->product); + if (def->product) { + virBufferAddLit(&buf, ",product="); + virQEMUBuildBufferEscapeComma(&buf, def->product); + } /* 1:Version */ - if (def->version) - virBufferAsprintf(&buf, ",version=%s", def->version); + if (def->version) { + virBufferAddLit(&buf, ",version="); + virQEMUBuildBufferEscapeComma(&buf, def->version); + } /* 1:Serial Number */ - if (def->serial) - virBufferAsprintf(&buf, ",serial=%s", def->serial); + if (def->serial) { + virBufferAddLit(&buf, ",serial="); + virQEMUBuildBufferEscapeComma(&buf, def->serial); + } /* 1:UUID */ - if (def->uuid && !skip_uuid) - virBufferAsprintf(&buf, ",uuid=%s", def->uuid); + if (def->uuid && !skip_uuid) { + virBufferAddLit(&buf, ",uuid="); + virQEMUBuildBufferEscapeComma(&buf, def->uuid); + } /* 1:SKU Number */ - if (def->sku) - virBufferAsprintf(&buf, ",sku=%s", def->sku); + if (def->sku) { + virBufferAddLit(&buf, ",sku="); + virQEMUBuildBufferEscapeComma(&buf, def->sku); + } /* 1:Family */ - if (def->family) - virBufferAsprintf(&buf, ",family=%s", def->family); + if (def->family) { + virBufferAddLit(&buf, ",family="); + virQEMUBuildBufferEscapeComma(&buf, def->family); + } return virBufferContentAndReset(&buf); } @@ -5689,24 +5710,33 @@ qemuBuildSmbiosBaseBoardStr(virSysinfoBaseBoardDefPtr def) virBufferAddLit(&buf, "type=2"); /* 2:Manufacturer */ - if (def->manufacturer) - virBufferAsprintf(&buf, ",manufacturer=%s", - def->manufacturer); + virBufferAddLit(&buf, ",manufacturer="); + virQEMUBuildBufferEscapeComma(&buf, def->manufacturer); /* 2:Product Name */ - if (def->product) - virBufferAsprintf(&buf, ",product=%s", def->product); + if (def->product) { + virBufferAddLit(&buf, ",product="); + virQEMUBuildBufferEscapeComma(&buf, def->product); + } /* 2:Version */ - if (def->version) - virBufferAsprintf(&buf, ",version=%s", def->version); + if (def->version) { + virBufferAddLit(&buf, ",version="); + virQEMUBuildBufferEscapeComma(&buf, def->version); + } /* 2:Serial Number */ - if (def->serial) - virBufferAsprintf(&buf, ",serial=%s", def->serial); + if (def->serial) { + virBufferAddLit(&buf, ",serial="); + virQEMUBuildBufferEscapeComma(&buf, def->serial); + } /* 2:Asset Tag */ - if (def->asset) - virBufferAsprintf(&buf, ",asset=%s", def->asset); + if (def->asset) { + virBufferAddLit(&buf, ",asset="); + virQEMUBuildBufferEscapeComma(&buf, def->asset); + } /* 2:Location */ - if (def->location) - virBufferAsprintf(&buf, ",location=%s", def->location); + if (def->location) { + virBufferAddLit(&buf, ",location="); + virQEMUBuildBufferEscapeComma(&buf, def->location); + } if (virBufferCheckError(&buf) < 0) goto error; -- GitLab