domain_conf: graphics: properly escape user provided strings when formatting XML

This was reported on virt-manager issue tracker as it was possible to
provide `listen` attribute with properly escaped characters but libvirt
would format XML without escaping it.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

src/conf/domain_conf.c

@@ -26340,7 +26340,7 @@ virDomainGraphicsListenDefFormat(virBuffer *buf,
           !(flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE)))) {
         /* address may also be set to show current status when type='network',
          * but we don't want to print that if INACTIVE data is requested. */
-        virBufferAsprintf(&attrBuf, " address='%s'", def->address);
+        virBufferEscapeString(&attrBuf, " address='%s'", def->address);
     }
 
     if (def->network &&
@@ -26429,7 +26429,7 @@ virDomainGraphicsListenDefFormatAddr(virBuffer *buf,
         return;
 
     if (glisten->address)
-        virBufferAsprintf(buf, " listen='%s'", glisten->address);
+        virBufferEscapeString(buf, " listen='%s'", glisten->address);
 }
 
 static void