Enable autoescape in libvirt xml template
This avoids XML injection via a malformed property value. If a property value is controlled by a less privileged entity (such as the Management VM), this could lead to privilege escalation. Reported by @DemiMarie
parent
2c83c7b16c
commit
e1a2f8dcb2
@ -924,7 +924,8 @@ class Qubes(qubes.PropertyHolder):
|
|||||||
'/etc/qubes/templates',
|
'/etc/qubes/templates',
|
||||||
'/usr/share/qubes/templates',
|
'/usr/share/qubes/templates',
|
||||||
]),
|
]),
|
||||||
undefined=jinja2.StrictUndefined)
|
undefined=jinja2.StrictUndefined,
|
||||||
|
autoescape=True)
|
||||||
|
|
||||||
if load:
|
if load:
|
||||||
self.load(lock=lock)
|
self.load(lock=lock)
|
||||||
|
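Review bot: With `autoescape=True` added as the last argument of the `jinja2.Environment(...)` call, every `{{ ... }}` expression in templates found on the two search paths shown is escaped as text, including any expression that deliberately emits a pre-built XML fragment. The hunk does not show whether such expressions exist, so the shipped templates and any locally overridden ones should be checked for fragments that now render as escaped text. Where one is found, mark it as `markupsafe.Markup` at the trusted place that builds it rather than adding `|safe` in the template. A comment above the argument would help keep the setting from being dropped later: `# autoescape: property values may be set by a less privileged management VM and must not reach the libvirt XML unescaped`. The enclosing method starts and ends outside the hunk.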
@ -111,7 +111,8 @@ class TestApp(object):
|
|||||||
'/etc/qubes/templates',
|
'/etc/qubes/templates',
|
||||||
'/usr/share/qubes/templates',
|
'/usr/share/qubes/templates',
|
||||||
]),
|
]),
|
||||||
undefined=jinja2.StrictUndefined)
|
undefined=jinja2.StrictUndefined,
|
||||||
|
autoescape=True)
|
||||||
self.domains = {}
|
self.domains = {}
|
||||||
|
|
||||||
|
|
||||||
|
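Review bot: The `jinja2.Environment(...)` arguments are repeated by hand in this `TestApp` stub and in the second `TestApp` at `-112,4`, alongside the production copy in `class Qubes`. A later change to the production environment could therefore leave the tests rendering under different escaping rules without any failure. Consider building the environment in one helper that all three call, or at least add a comment at each copy such as `# keep in sync with the jinja2.Environment in class Qubes (autoescape must stay on)`. The enclosing method starts outside the hunk.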
@ -112,4 +112,5 @@ class TestApp(qubes.tests.TestEmitter):
|
|||||||
'/etc/qubes/templates',
|
'/etc/qubes/templates',
|
||||||
'/usr/share/qubes/templates',
|
'/usr/share/qubes/templates',
|
||||||
]),
|
]),
|
||||||
undefined=jinja2.StrictUndefined)
|
undefined=jinja2.StrictUndefined,
|
||||||
|
autoescape=True)
|
||||||
|
@ -963,7 +963,7 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
|
|||||||
<loader type="rom">hvmloader</loader>
|
<loader type="rom">hvmloader</loader>
|
||||||
<boot dev="cdrom" />
|
<boot dev="cdrom" />
|
||||||
<boot dev="hd" />
|
<boot dev="hd" />
|
||||||
<cmdline>kernel specific options</cmdline>
|
<cmdline>kernel <text> specific options</cmdline>
|
||||||
</os>
|
</os>
|
||||||
<features>
|
<features>
|
||||||
<pae/>
|
<pae/>
|
||||||
@ -1002,7 +1002,7 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
|
|||||||
open(os.path.join(kernel_dir, 'initramfs'), 'w').close()
|
open(os.path.join(kernel_dir, 'initramfs'), 'w').close()
|
||||||
with open(os.path.join(kernel_dir,
|
with open(os.path.join(kernel_dir,
|
||||||
'default-kernelopts-common.txt'), 'w') as f:
|
'default-kernelopts-common.txt'), 'w') as f:
|
||||||
f.write('kernel specific options \n')
|
f.write('kernel <text> specific options \n')
|
||||||
self.addCleanup(shutil.rmtree, '/tmp/qubes-test')
|
self.addCleanup(shutil.rmtree, '/tmp/qubes-test')
|
||||||
vm.kernel = 'dummy'
|
vm.kernel = 'dummy'
|
||||||
libvirt_xml = vm.create_config_file()
|
libvirt_xml = vm.create_config_file()
|
||||||
|
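Review bot: The updated fixture only writes `<text>` into `default-kernelopts-common.txt`, so the test covers escaping of angle brackets in the content of `<cmdline>` but not `&` or quote characters, and not values the template may place inside XML attributes. A second case using a value such as `a & "b"` (constructed sample) would cover the remaining characters that matter for the injection described in the commit message. The expected line in the `-963,7` hunk also appears on this page as a literal `<text>` inside `<cmdline>`. That is presumably the page having decoded the entities, so it is worth confirming that the assertion in the file contains `&lt;text&gt;`. Both test methods extend beyond the hunks shown.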