This is the mail archive of the cluster-cvs@sourceware.org mailing list for the cluster.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

cluster: STABLE3 - cman: Make fence_xvm's metadata not crash XMLparsers


Gitweb:        http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=b419e688d70cf09029dfa76d185269a7acb04a1e
Commit:        b419e688d70cf09029dfa76d185269a7acb04a1e
Parent:        e11f37ab363bb9f6eccefd1022e357d07fd8f5ff
Author:        Lon Hohberger <lhh@redhat.com>
AuthorDate:    Sat Feb 28 19:25:05 2009 -0500
Committer:     Lon Hohberger <lhh@redhat.com>
CommitterDate: Sat Feb 28 19:59:18 2009 -0500

cman: Make fence_xvm's metadata not crash XML parsers

---
 fence/agents/lib/fencing.py.py |    2 +-
 fence/agents/xvm/options.c     |   37 ++++++++++++++++++++++++++++++++++++-
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/fence/agents/lib/fencing.py.py b/fence/agents/lib/fencing.py.py
index a4548fd..684efd0 100644
--- a/fence/agents/lib/fencing.py.py
+++ b/fence/agents/lib/fencing.py.py
@@ -66,7 +66,7 @@ all_opt = {
 		"getopt" : "o:",
 		"longopt" : "action",
 		"help" : "-o, --action=<action>          Action: status, reboot (default), off or on",
-		"required" : "1",
+		"required" : "0",
 		"shortdesc" : "Fencing Action",
 		"default" : "reboot",
 		"order" : 1 },
diff --git a/fence/agents/xvm/options.c b/fence/agents/xvm/options.c
index 00a2f75..4fa2eeb 100644
--- a/fence/agents/xvm/options.c
+++ b/fence/agents/xvm/options.c
@@ -511,6 +511,41 @@ args_usage(char *progname, char *optstr, int print_stdin)
 }
 
 
+static char *clean_tags(char *desc)
+{
+	static char result[16384];
+	char *r, *d;
+
+	if (strlen(desc) > sizeof(result)) 
+		return "";
+
+	/* XXX could overflow, but the data used in this
+           function is statically defined at compile time, so
+	   there's no chance that external information is being
+           parsed here -- for now.  This will need to be changed
+           if we parse data that isn't hardcoded. */
+
+	memset(result,0,sizeof(result));
+	r = result;
+	for (d = desc; *d; d++) {
+		switch (*d) {
+		case '<':
+			memcpy(r, "&lt;", 4);
+			r+=4;
+			break;
+		case '>':
+			memcpy(r, "&gt;", 4);
+			r+=4;
+			break;
+		default:
+			*r++ = *d;
+		}
+	}
+
+	return result;
+}
+
+
 void
 args_metadata(char *progname, char *optstr)
 {
@@ -528,7 +563,7 @@ args_metadata(char *progname, char *optstr)
 
 		printf("\t<parameter name=\"%s\">\n",arg->stdin_opt);
 		printf("\t\t<shortdesc lang=\"C\">%s</shortdesc>\n",
-		       arg->desc);
+		       clean_tags(arg->desc));
 		printf("\t</parameter>\n");
 	}
 


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]