On 8/5/26 13:24, Daniel P. Berrangé wrote:
The object_new_with_props/propv methods failed to validate the ID string
format, thus diverging from user_creatable_add_type.
Signed-off-by: Daniel P. Berrangé <[email protected]>
---
qom/object.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/qom/object.c b/qom/object.c
index 9c391071fb..62d2f0486a 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -24,6 +24,8 @@
#include "qapi/forward-visitor.h"
#include "qapi/qapi-builtin-visit.h"
#include "qobject/qjson.h"
+#include "qemu/id.h"
+#include "qapi/qmp/qerror.h"
#include "trace.h"
/* TODO: replace QObject with a simpler visitor to avoid a dependency
@@ -764,6 +766,13 @@ Object *object_new_with_propv(const char *typename,
ObjectClass *klass;
UserCreatable *uc;
+ if (id != NULL && !id_wellformed(id)) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an identifier");
+ error_append_hint(errp, "Identifiers consist of letters, digits, "
+ "'-', '.', '_', starting with a letter.\n");
+ return NULL;
+ }
Use a common object_identifier_is_well_formed() helper?
+
klass = object_class_by_name(typename);
if (!klass) {
error_setg(errp, "invalid object type: %s", typename);
