Enable autoescape in libvirt xml template

This avoids XML-injection by a malformed property value. If a property value is controlled by a less privileged entity (like Management VM), it could lead to a privilege escalation. Reported by @DemiMarie
2021-02-23 14:27:52 +01:00 · 2021-02-23 14:27:52 +01:00 · e1a2f8dcb2
commit e1a2f8dcb2
parent 2c83c7b16c
4 changed files with 8 additions and 5 deletions
--- a/qubes/app.py
+++ b/qubes/app.py
@ -924,7 +924,8 @@ class Qubes(qubes.PropertyHolder):
                '/etc/qubes/templates',
                '/usr/share/qubes/templates',
            ]),
-            undefined=jinja2.StrictUndefined)
+            undefined=jinja2.StrictUndefined,
+            autoescape=True)

        if load:
            self.load(lock=lock)
--- a/qubes/tests/devices_block.py
+++ b/qubes/tests/devices_block.py
@ -111,7 +111,8 @@ class TestApp(object):
                '/etc/qubes/templates',
                '/usr/share/qubes/templates',
            ]),
-            undefined=jinja2.StrictUndefined)
+            undefined=jinja2.StrictUndefined,
+            autoescape=True)
        self.domains = {}


--- a/qubes/tests/vm/init.py
+++ b/qubes/tests/vm/init.py
@ -112,4 +112,5 @@ class TestApp(qubes.tests.TestEmitter):
                '/etc/qubes/templates',
                '/usr/share/qubes/templates',
            ]),
-            undefined=jinja2.StrictUndefined)
+            undefined=jinja2.StrictUndefined,
+            autoescape=True)
--- a/qubes/tests/vm/qubesvm.py
+++ b/qubes/tests/vm/qubesvm.py
@ -963,7 +963,7 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
            <loader type="rom">hvmloader</loader>
            <boot dev="cdrom" />
            <boot dev="hd" />
-            <cmdline>kernel specific options</cmdline>
+            <cmdline>kernel &lt;text&gt; specific options</cmdline>
        </os>
        <features>
            <pae/>
@ -1002,7 +1002,7 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
            open(os.path.join(kernel_dir, 'initramfs'), 'w').close()
            with open(os.path.join(kernel_dir,
                    'default-kernelopts-common.txt'), 'w') as f:
-                f.write('kernel specific options \n')
+                f.write('kernel <text> specific options \n')
            self.addCleanup(shutil.rmtree, '/tmp/qubes-test')
            vm.kernel = 'dummy'
            libvirt_xml = vm.create_config_file()