[pve-devel] [PATCH qemu-server] fix #3683: agent file-write: enable user to encode the content themselves

[pve-devel] [PATCH qemu-server] fix #3683: agent file-write: enable user to encode the content themselves

[Dominik Csapak]

by adding an optional parameter 'encode' (enabled by default). When it
is disabled, the content must be base64 encoded already. This
way, users can send a binary file to the vm by base64 encoding it
themselves

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 PVE/API2/Qemu/Agent.pm | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/PVE/API2/Qemu/Agent.pm b/PVE/API2/Qemu/Agent.pm
index a1aa740..9a06191 100644
--- a/PVE/API2/Qemu/Agent.pm
+++ b/PVE/API2/Qemu/Agent.pm
@@ -473,7 +473,15 @@ __PACKAGE__->register_method({
 		type => 'string',
 		maxLength => 60*1024, # 60k, smaller than our 64k POST limit
 		description => "The content to write into the file."
-	    }
+	    },
+	    encode => {
+		type => 'boolean',
+		description => "If set the content will be encoded as base64"
+		    ." (required by QEMU). Otherwise the content needs to be encoded"
+		    ." beforehand. (Default is true)",
+		optional => 1,
+		default => 1,
+	    },
 	},
     },
     returns => { type => 'null' },
@@ -481,7 +489,15 @@ __PACKAGE__->register_method({
 	my ($param) = @_;
 
 	my $vmid = $param->{vmid};
-	my $buf = encode_base64($param->{content});
+	my $encode = $param->{encode} // 1;
+	my $buf;
+	if ($encode) {
+	    $buf = encode_base64($param->{content});
+	} else {
+	    die "content is not base64 encoded\n"
+		if $param->{content} !~ m@^(?:[A-Z0-9+/]{4})*(?:[A-Z0-9+/]{2}==|[A-Z0-9+/]{3}=)?$@mi;
+	    $buf = $param->{content};
+	}
 
 	my $qgafh = agent_cmd($vmid, "file-open",  { path => $param->{file}, mode => 'wb' }, "can't open file");
 	my $write = agent_cmd($vmid, "file-write", { handle => $qgafh, 'buf-b64' => $buf }, "can't write to file");
-- 
2.30.2

[pve-devel] applied: [PATCH qemu-server] fix #3683: agent file-write: enable user to encode the content themselves

[Thomas Lamprecht]

On 10.02.22 15:52, Dominik Csapak wrote:
> by adding an optional parameter 'encode' (enabled by default). When it
> is disabled, the content must be base64 encoded already. This
> way, users can send a binary file to the vm by base64 encoding it
> themselves
> 
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
>  PVE/API2/Qemu/Agent.pm | 20 ++++++++++++++++++--
>  1 file changed, 18 insertions(+), 2 deletions(-)
> 
>

applied, with some cleanups in general as followup and another one dropping
the base64 check with the assumption that it can be relatively expensive, the
user needs to turn off auto-encode explicitly already and QEMU/QGA should be
able to cope with bogus input - or do you know a case when this isn't true?
As then we can just revert it again.

 thanks!

Re: [pve-devel] applied: [PATCH qemu-server] fix #3683: agent file-write: enable user to encode the content themselves

[Dominik Csapak]

On 2/10/22 16:31, Thomas Lamprecht wrote:
> On 10.02.22 15:52, Dominik Csapak wrote:
>> by adding an optional parameter 'encode' (enabled by default). When it
>> is disabled, the content must be base64 encoded already. This
>> way, users can send a binary file to the vm by base64 encoding it
>> themselves
>>
>> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
>> ---
>>   PVE/API2/Qemu/Agent.pm | 20 ++++++++++++++++++--
>>   1 file changed, 18 insertions(+), 2 deletions(-)
>>
>>
> 
> applied, with some cleanups in general as followup and another one dropping
> the base64 check with the assumption that it can be relatively expensive, the
> user needs to turn off auto-encode explicitly already and QEMU/QGA should be
> able to cope with bogus input - or do you know a case when this isn't true?
> As then we can just revert it again.
> 
>   thanks!


no, i just did it to safeguard in the api instead, but checking again
they return "Base64 data contains invalid characters" for bogus
data anyway so that's better

thanks