|
 |
b971b8 |
From 898e0003ae21e9fbe49995980c8746e9d2ac9b8b Mon Sep 17 00:00:00 2001
|
|
|
b971b8 |
Message-Id: <898e0003ae21e9fbe49995980c8746e9d2ac9b8b@dist-git>
|
|
|
b971b8 |
From: Peter Krempa <pkrempa@redhat.com>
|
|
|
b971b8 |
Date: Tue, 23 Jun 2020 14:23:06 +0200
|
|
|
b971b8 |
Subject: [PATCH] conf: Don't format http cookies unless
|
|
|
b971b8 |
VIR_DOMAIN_DEF_FORMAT_SECURE is used
|
|
|
b971b8 |
|
|
|
b971b8 |
Starting with 3b076391befc3fe72deb0c244ac6c2b4c100b410
|
|
|
b971b8 |
(v6.1.0-122-g3b076391be) we support http cookies. Since they may contain
|
|
|
b971b8 |
somewhat sensitive information we should not format them into the XML
|
|
|
b971b8 |
unless VIR_DOMAIN_DEF_FORMAT_SECURE is asserted.
|
|
|
b971b8 |
|
|
|
b971b8 |
Reported-by: Han Han <hhan@redhat.com>
|
|
|
b971b8 |
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
|
|
b971b8 |
Reviewed-by: Erik Skultety <eskultet@redhat.com>
|
|
|
b971b8 |
(cherry picked from commit a5b064bf4b17a9884d7d361733737fb614ad8979)
|
|
|
b971b8 |
|
|
|
b971b8 |
CVE-2020-14301
|
|
|
b971b8 |
Message-Id: <592a0b594666f580e743b6bd2b4ddccbd1e0cc7c.1592914898.git.pkrempa@redhat.com>
|
|
|
b971b8 |
|
|
|
b971b8 |
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
b971b8 |
---
|
|
|
b971b8 |
src/conf/domain_conf.c | 8 ++++++--
|
|
|
b971b8 |
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
|
b971b8 |
|
|
|
b971b8 |
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
|
|
|
b971b8 |
index ed9ca0e9d8..60962ee7c1 100644
|
|
|
b971b8 |
--- a/src/conf/domain_conf.c
|
|
|
b971b8 |
+++ b/src/conf/domain_conf.c
|
|
|
b971b8 |
@@ -24377,11 +24377,15 @@ virDomainSourceDefFormatSeclabel(virBufferPtr buf,
|
|
|
b971b8 |
|
|
|
b971b8 |
static void
|
|
|
b971b8 |
virDomainDiskSourceFormatNetworkCookies(virBufferPtr buf,
|
|
|
b971b8 |
- virStorageSourcePtr src)
|
|
|
b971b8 |
+ virStorageSourcePtr src,
|
|
|
b971b8 |
+ unsigned int flags)
|
|
|
b971b8 |
{
|
|
|
b971b8 |
g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
|
|
|
b971b8 |
size_t i;
|
|
|
b971b8 |
|
|
|
b971b8 |
+ if (!(flags & VIR_DOMAIN_DEF_FORMAT_SECURE))
|
|
|
b971b8 |
+ return;
|
|
|
b971b8 |
+
|
|
|
b971b8 |
for (i = 0; i < src->ncookies; i++) {
|
|
|
b971b8 |
virBufferEscapeString(&childBuf, "<cookie name='%s'>", src->cookies[i]->name);
|
|
|
b971b8 |
virBufferEscapeString(&childBuf, "%s</cookie>\n", src->cookies[i]->value);
|
|
|
b971b8 |
@@ -24442,7 +24446,7 @@ virDomainDiskSourceFormatNetwork(virBufferPtr attrBuf,
|
|
|
b971b8 |
virTristateBoolTypeToString(src->sslverify));
|
|
|
b971b8 |
}
|
|
|
b971b8 |
|
|
|
b971b8 |
- virDomainDiskSourceFormatNetworkCookies(childBuf, src);
|
|
|
b971b8 |
+ virDomainDiskSourceFormatNetworkCookies(childBuf, src, flags);
|
|
|
b971b8 |
|
|
|
b971b8 |
if (src->readahead)
|
|
|
b971b8 |
virBufferAsprintf(childBuf, "<readahead size='%llu'/>\n", src->readahead);
|
|
|
b971b8 |
--
|
|
|
b971b8 |
2.27.0
|
|
|
b971b8 |
|