On 11/11/25 10:26, Martin Kletzander wrote: > From: Martin Kletzander <[email protected]> > > Utilise the new virDomainDefIDsParseString() for that. > > This is one of the more complex ones since there is also a function that > reads relevant metadata from a save image XML. In order _not_ to extract > the parsing out of the function (and make the function basically trivial > and all callers more complex) add a callback to the function which will > be used to check the ACLs. > > Fixes: CVE-2025-12748 > Reported-by: Святослав Терешин <[email protected]> > Signed-off-by: Martin Kletzander <[email protected]> > --- > src/qemu/qemu_driver.c | 90 ++++++++++++++++++++------------------- > src/qemu/qemu_migration.c | 23 +++++++++- > src/qemu/qemu_migration.h | 4 +- > src/qemu/qemu_saveimage.c | 25 +++++++++-- > src/qemu/qemu_saveimage.h | 4 +- > src/qemu/qemu_snapshot.c | 4 +- > 6 files changed, 97 insertions(+), 53 deletions(-)
Reviewed-by: Michal Privoznik <[email protected]> Michal
