[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] XML escaping patch

On Fri, Jul 06, 2007 at 03:06:37PM +0100, Daniel P. Berrange wrote:
> So instead of that we could do
>     dom =  xmlRootElement("domain")
>     xmlAttributeInt(dom, "id", id);
>     xmlAttributeString(dom, "type", "xen");
>     os = xmlElement(dom, "os")
>     xmlElementString(os, "bootloader", tmp)
>     char *doc = xmlString(dom);
>     xmlFree(dom);
>     return doc;

  We could create intermediate functions around libxml2 tree API, 
but it would still be a bit more heavy than that. 

> Of course this is a much large change than the one you're suggesting. We
> surely need to fixup much more than the two 'cmdline' and 'bootloader_args'
> elements that you describe - practically any element / attribute which
> takes a %s format string needs this fix.

  Well would a name with < > or & actually work ? A path would not,
most attributes are predefined strings values which are just ascii name
token, that would probably be a bit over the top, no ?


Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard      | virtualization library  http://libvirt.org/
veillard redhat com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine  http://rpmfind.net/

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]