diff options
author | Markus Armbruster <armbru@redhat.com> | 2018-08-06 08:53:33 +0200 |
---|---|---|
committer | Markus Armbruster <armbru@redhat.com> | 2018-08-16 08:42:06 +0200 |
commit | 015715f554f19a809cd80ff53a3881fddfda1336 (patch) | |
tree | 0fdd62ad38256540016f4570d28d4831912daa89 /tests/tpm-util.c | |
parent | 62fff696d56b90e5820d2c3c3085b778b23f0d93 (diff) |
tests: Clean up string interpolation into QMP input (simple cases)
When you build QMP input manually like this
cmd = g_strdup_printf("{ 'execute': 'migrate',"
"'arguments': { 'uri': '%s' } }",
uri);
rsp = qmp(cmd);
g_free(cmd);
you're responsible for escaping the interpolated values for JSON. Not
done here, and therefore works only for sufficiently nice @uri. For
instance, if @uri contained a single "'", qobject_from_vjsonf_nofail()
would abort. A sufficiently nasty @uri could even inject unwanted
members into the arguments object.
Leaving interpolation into JSON to qmp() is more robust:
rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri);
It's also more concise.
Clean up the simple cases where we interpolate exactly a JSON value.
Bonus: gets rid of non-literal format strings. A step towards
compile-time format string checking without triggering
-Wformat-nonliteral.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180806065344.7103-13-armbru@redhat.com>
Diffstat (limited to 'tests/tpm-util.c')
-rw-r--r-- | tests/tpm-util.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/tests/tpm-util.c b/tests/tpm-util.c index 672cedf905..3bd2887f1e 100644 --- a/tests/tpm-util.c +++ b/tests/tpm-util.c @@ -239,13 +239,10 @@ void tpm_util_swtpm_kill(GPid pid) void tpm_util_migrate(QTestState *who, const char *uri) { QDict *rsp; - gchar *cmd; - cmd = g_strdup_printf("{ 'execute': 'migrate'," - "'arguments': { 'uri': '%s' } }", - uri); - rsp = qtest_qmp(who, cmd); - g_free(cmd); + rsp = qtest_qmp(who, + "{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", + uri); g_assert(qdict_haskey(rsp, "return")); qobject_unref(rsp); } |