From nobody Sun Feb  8 21:28:59 2026
Delivered-To: importer@patchew.org
Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied
 by domain of lists.libvirt.org) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain
 of lists.libvirt.org)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1700562610885242.81277250501057;
 Tue, 21 Nov 2023 02:30:10 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 7B22D1879; Tue, 21 Nov 2023 05:30:09 -0500 (EST)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 0BCEE17A4;
	Tue, 21 Nov 2023 05:28:29 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id CD50C179D; Tue, 21 Nov 2023 05:28:21 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 38CB6179B
	for <devel@lists.libvirt.org>; Tue, 21 Nov 2023 05:28:21 -0500 (EST)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-639-yn1m5yWJMvOUa3EjJ0iyFg-1; Tue, 21 Nov 2023 05:28:19 -0500
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 01951185A783
	for <devel@lists.libvirt.org>; Tue, 21 Nov 2023 10:28:19 +0000 (UTC)
Received: from maggie.brq.redhat.com (unknown [10.43.3.102])
	by smtp.corp.redhat.com (Postfix) with ESMTP id A1B31492BE0
	for <devel@lists.libvirt.org>; Tue, 21 Nov 2023 10:28:18 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No,
 score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,
	RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.4
X-MC-Unique: yn1m5yWJMvOUa3EjJ0iyFg-1
From: Michal Privoznik <mprivozn@redhat.com>
To: devel@lists.libvirt.org
Subject: [PATCH 1/6] vbox_snapshot_conf: Parse XMLs without net access
Date: Tue, 21 Nov 2023 11:28:11 +0100
Message-ID: 
 <7bd2ef6676c61d9b27613a9603dfc8460ec4eb76.1700562423.git.mprivozn@redhat.com>
In-Reply-To: <cover.1700562423.git.mprivozn@redhat.com>
References: <cover.1700562423.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Message-ID-Hash: 7EFLKLFJJ2CIBP2IGIXH2VE45UCHSBCF
X-Message-ID-Hash: 7EFLKLFJJ2CIBP2IGIXH2VE45UCHSBCF
X-MailFrom: mprivozn@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/7EFLKLFJJ2CIBP2IGIXH2VE45UCHSBCF/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
Content-Type: text/plain; charset="utf-8"; x-default="true"
Content-Transfer-Encoding: quoted-printable
X-ZM-MESSAGEID: 1700562611919100001

When working with VirtualBox's snapshots, the snapshot XML is
firstly parsed, stored in memory (with some parts being stored as
verbatim XML snippets, strings), requested changes are made and
then this modified XML is formatted via
virVBoxSnapshotConfSaveVboxFile() which calls
xmlParseInNodeContext() to format those previously stored XML
snippets.

The first parse of whole VirtualBox snapshot file is done using
virXMLParse() (in virVBoxSnapshotConfLoadVboxFile()) and thus
with XML_PARSE_NONET specified.

But those ad-hoc parsings when formatting the XML back pass zero
flags mask: xmlParseInNodeContext(..., options =3D 0, ...);

This is potentially dangerous.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/vbox/vbox_snapshot_conf.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/vbox/vbox_snapshot_conf.c b/src/vbox/vbox_snapshot_conf.c
index 84f7aceac2..467255f77f 100644
--- a/src/vbox/vbox_snapshot_conf.c
+++ b/src/vbox/vbox_snapshot_conf.c
@@ -369,6 +369,7 @@ virVBoxSnapshotConfSerializeSnapshot(xmlNodePtr node,
     int firstRegexResult =3D 0;
     g_auto(GStrv) secondRegex =3D NULL;
     int secondRegexResult =3D 0;
+    const int parseFlags =3D XML_PARSE_NONET;
=20
     uuid =3D g_strdup_printf("{%s}", snapshot->uuid);
=20
@@ -406,7 +407,7 @@ virVBoxSnapshotConfSerializeSnapshot(xmlNodePtr node,
     parseError =3D xmlParseInNodeContext(node,
                                        snapshot->hardware,
                                        (int)strlen(snapshot->hardware),
-                                       0,
+                                       parseFlags,
                                        &hardwareNode);
     if (parseError !=3D XML_ERR_OK) {
         virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -418,7 +419,7 @@ virVBoxSnapshotConfSerializeSnapshot(xmlNodePtr node,
     /* storageController */
     if (xmlParseInNodeContext(node, snapshot->storageController,
                               (int)strlen(snapshot->storageController),
-                              0,
+                              parseFlags,
                               &storageControllerNode) !=3D XML_ERR_OK) {
         virReportError(VIR_ERR_XML_ERROR, "%s",
                        _("Unable to add the snapshot storageController"));
@@ -944,6 +945,7 @@ virVBoxSnapshotConfSaveVboxFile(virVBoxSnapshotConfMach=
ine *machine,
     int firstRegexResult =3D 0;
     g_auto(GStrv) secondRegex =3D NULL;
     int secondRegexResult =3D 0;
+    const int parseFlags =3D XML_PARSE_NONET;
=20
     if (machine =3D=3D NULL) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1051,7 +1053,7 @@ virVBoxSnapshotConfSaveVboxFile(virVBoxSnapshotConfMa=
chine *machine,
         parseError =3D xmlParseInNodeContext(mediaRegistryNode,
                               machine->mediaRegistry->otherMedia[i],
                               (int)strlen(machine->mediaRegistry->otherMed=
ia[i]),
-                              0,
+                              parseFlags,
                               &cur);
         if (parseError !=3D XML_ERR_OK) {
             virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -1071,7 +1073,7 @@ virVBoxSnapshotConfSaveVboxFile(virVBoxSnapshotConfMa=
chine *machine,
     parseError =3D xmlParseInNodeContext(machineNode,
                                        machine->hardware,
                                        (int)strlen(machine->hardware),
-                                       0,
+                                       parseFlags,
                                        &cur);
     if (parseError !=3D XML_ERR_OK) {
         virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -1084,7 +1086,7 @@ virVBoxSnapshotConfSaveVboxFile(virVBoxSnapshotConfMa=
chine *machine,
         parseError =3D xmlParseInNodeContext(xmlDocGetRootElement(xml),
                                            machine->extraData,
                                            (int)strlen(machine->extraData),
-                                           0,
+                                           parseFlags,
                                            &cur);
         if (parseError !=3D XML_ERR_OK) {
             virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -1097,7 +1099,7 @@ virVBoxSnapshotConfSaveVboxFile(virVBoxSnapshotConfMa=
chine *machine,
     parseError =3D xmlParseInNodeContext(machineNode,
                                        machine->storageController,
                                        (int)strlen(machine->storageControl=
ler),
-                                       0,
+                                       parseFlags,
                                        &cur);
     if (parseError !=3D XML_ERR_OK) {
         virReportError(VIR_ERR_XML_ERROR, "%s",
--=20
2.41.0
_______________________________________________
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-leave@lists.libvirt.org