[pve-devel] [PATCH cluster] add get_guest_config_property IPCC method
Dominik Csapak
d.csapak at proxmox.com
Wed Jun 12 14:57:08 CEST 2019
On 6/12/19 2:35 PM, Wolfgang Bumiller wrote:
> On Wed, Jun 12, 2019 at 01:48:57PM +0200, Thomas Lamprecht wrote:
>> On 6/12/19 1:12 PM, Wolfgang Bumiller wrote:
>>> On Tue, Jun 11, 2019 at 06:02:22AM +0200, Thomas Lamprecht wrote:
>>>> +
>>>> + char *val = _get_property_value(tmp, prop, prop_len);
>>>> + if (val == NULL) {
>>>> + g_free(tmp);
>>>> + goto ret;
>>>> + }
>>>> +
>>>> + g_string_append_printf(str,"\"%u\": { \"%s\": \"%s\"\n }", vmid, prop, val);
>>>
>>> Should we not sanity-check the value for double quotes here?
>>
>> we normally do not have any here, but we can have in theory..
>>
>> Maybe do the warn-and-ignore approach for now? and if we really
>> need it directly go to a libjson approach..
>
> Sounds good to me. In the backend there shouldn't be double quotes after
> all, just the documented regex you posted in the comment/commit message
> doesn't reflect that as it just matches (.+) for the value.
>
just fyi, a user can put double quotes into the 'args' property
but i guess this is a field we won't extract with this method
also, theoretically a user can put a double quote into a bind mount path...
More information about the pve-devel
mailing list