|
 |
d76c62 |
From ba88fc4f04428c1064bc4eee85acbdf1a3123c4c Mon Sep 17 00:00:00 2001
|
|
|
d76c62 |
Message-Id: <ba88fc4f04428c1064bc4eee85acbdf1a3123c4c@dist-git>
|
|
|
d76c62 |
From: Peter Krempa <pkrempa@redhat.com>
|
|
|
d76c62 |
Date: Mon, 30 Mar 2020 17:21:40 +0200
|
|
|
d76c62 |
Subject: [PATCH] virStorageSourceNetCookieValidate: Accept quoted cookie value
|
|
|
d76c62 |
MIME-Version: 1.0
|
|
|
d76c62 |
Content-Type: text/plain; charset=UTF-8
|
|
|
d76c62 |
Content-Transfer-Encoding: 8bit
|
|
|
d76c62 |
|
|
|
d76c62 |
The quotes are forbidden only inside the value, but the value itself may
|
|
|
d76c62 |
be enclosed in quotes. Fix the RNG schema and validator and add a test
|
|
|
d76c62 |
case.
|
|
|
d76c62 |
|
|
|
d76c62 |
https://bugzilla.redhat.com/show_bug.cgi?id=1804750
|
|
|
d76c62 |
|
|
|
d76c62 |
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
|
|
d76c62 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
d76c62 |
(cherry picked from commit b9166baebe70a4b3577ddb6b2ee6af0dd4f60759)
|
|
|
d76c62 |
Message-Id: <f8f910f4e61e0e9434591a02c5d2e50b3d78edc5.1585581552.git.pkrempa@redhat.com>
|
|
|
d76c62 |
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
d76c62 |
---
|
|
|
d76c62 |
docs/schemas/domaincommon.rng | 2 +-
|
|
|
d76c62 |
src/util/virstoragefile.c | 19 ++++++++++++++++++-
|
|
|
d76c62 |
.../disk-network-http.x86_64-latest.args | 4 ++--
|
|
|
d76c62 |
tests/qemuxml2argvdata/disk-network-http.xml | 4 ++--
|
|
|
d76c62 |
.../disk-network-http.x86_64-latest.xml | 4 ++--
|
|
|
d76c62 |
5 files changed, 25 insertions(+), 8 deletions(-)
|
|
|
d76c62 |
|
|
|
d76c62 |
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
|
|
|
d76c62 |
index 3a0edbed97..ac6f180382 100644
|
|
|
d76c62 |
--- a/docs/schemas/domaincommon.rng
|
|
|
d76c62 |
+++ b/docs/schemas/domaincommon.rng
|
|
|
d76c62 |
@@ -1846,7 +1846,7 @@
|
|
|
d76c62 |
</data>
|
|
|
d76c62 |
</attribute>
|
|
|
d76c62 |
<data type="string">
|
|
|
d76c62 |
- <param name="pattern">[!#$%&'()*+\-./0-9:>=<?@A-Z\^_`\[\]a-z|~]+</param>
|
|
|
d76c62 |
+ <param name="pattern">"?[!#$%&'()*+\-./0-9:>=<?@A-Z\^_`\[\]a-z|~]+"?</param>
|
|
|
d76c62 |
</data>
|
|
|
d76c62 |
</element>
|
|
|
d76c62 |
</oneOrMore>
|
|
|
d76c62 |
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
|
|
|
d76c62 |
index 3eb32edc2a..f8d741f040 100644
|
|
|
d76c62 |
--- a/src/util/virstoragefile.c
|
|
|
d76c62 |
+++ b/src/util/virstoragefile.c
|
|
|
d76c62 |
@@ -2217,6 +2217,10 @@ static const char virStorageSourceCookieNameInvalidChars[] =
|
|
|
d76c62 |
static int
|
|
|
d76c62 |
virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
|
|
|
d76c62 |
{
|
|
|
d76c62 |
+ g_autofree char *val = g_strdup(def->value);
|
|
|
d76c62 |
+ const char *checkval = val;
|
|
|
d76c62 |
+ size_t len = strlen(val);
|
|
|
d76c62 |
+
|
|
|
d76c62 |
/* name must have at least 1 character */
|
|
|
d76c62 |
if (*(def->name) == '\0') {
|
|
|
d76c62 |
virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
d76c62 |
@@ -2233,8 +2237,21 @@ virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
|
|
|
d76c62 |
return -1;
|
|
|
d76c62 |
}
|
|
|
d76c62 |
|
|
|
d76c62 |
+ /* check for optional quotes around the cookie value string */
|
|
|
d76c62 |
+ if (val[0] == '"') {
|
|
|
d76c62 |
+ if (val[len - 1] != '"') {
|
|
|
d76c62 |
+ virReportError(VIR_ERR_XML_ERROR,
|
|
|
d76c62 |
+ _("value of cookie '%s' contains invalid characters"),
|
|
|
d76c62 |
+ def->name);
|
|
|
d76c62 |
+ return -1;
|
|
|
d76c62 |
+ }
|
|
|
d76c62 |
+
|
|
|
d76c62 |
+ val[len - 1] = '\0';
|
|
|
d76c62 |
+ checkval++;
|
|
|
d76c62 |
+ }
|
|
|
d76c62 |
+
|
|
|
d76c62 |
/* check invalid characters in value */
|
|
|
d76c62 |
- if (virStringHasChars(def->value, virStorageSourceCookieValueInvalidChars)) {
|
|
|
d76c62 |
+ if (virStringHasChars(checkval, virStorageSourceCookieValueInvalidChars)) {
|
|
|
d76c62 |
virReportError(VIR_ERR_XML_ERROR,
|
|
|
d76c62 |
_("value of cookie '%s' contains invalid characters"),
|
|
|
d76c62 |
def->name);
|
|
|
d76c62 |
diff --git a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
|
|
|
d76c62 |
index 2f2849ebdf..46aa5f23ce 100644
|
|
|
d76c62 |
--- a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
|
|
|
d76c62 |
+++ b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
|
|
|
d76c62 |
@@ -42,7 +42,7 @@ id=virtio-disk0,bootindex=1 \
|
|
|
d76c62 |
-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=libvirt-3-format,\
|
|
|
d76c62 |
id=virtio-disk1 \
|
|
|
d76c62 |
-object secret,id=libvirt-2-storage-httpcookie-secret0,\
|
|
|
d76c62 |
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
|
|
|
d76c62 |
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
|
|
|
d76c62 |
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
|
d76c62 |
-blockdev '{"driver":"http","url":"http://example.org:1234/test3.img",\
|
|
|
d76c62 |
"cookie-secret":"libvirt-2-storage-httpcookie-secret0",\
|
|
|
d76c62 |
@@ -52,7 +52,7 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
|
d76c62 |
-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=libvirt-2-format,\
|
|
|
d76c62 |
id=virtio-disk2 \
|
|
|
d76c62 |
-object secret,id=libvirt-1-storage-httpcookie-secret0,\
|
|
|
d76c62 |
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
|
|
|
d76c62 |
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
|
|
|
d76c62 |
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
|
d76c62 |
-blockdev '{"driver":"https","url":"https://example.org:1234/test4.img",\
|
|
|
d76c62 |
"sslverify":false,"cookie-secret":"libvirt-1-storage-httpcookie-secret0",\
|
|
|
d76c62 |
diff --git a/tests/qemuxml2argvdata/disk-network-http.xml b/tests/qemuxml2argvdata/disk-network-http.xml
|
|
|
d76c62 |
index 20024c732e..93e6617433 100644
|
|
|
d76c62 |
--- a/tests/qemuxml2argvdata/disk-network-http.xml
|
|
|
d76c62 |
+++ b/tests/qemuxml2argvdata/disk-network-http.xml
|
|
|
d76c62 |
@@ -35,7 +35,7 @@
|
|
|
d76c62 |
<host name='example.org' port='1234'/>
|
|
|
d76c62 |
<cookies>
|
|
|
d76c62 |
<cookie name='test'>testcookievalue</cookie>
|
|
|
d76c62 |
- <cookie name='test2'>blurb</cookie>
|
|
|
d76c62 |
+ <cookie name='test2'>"blurb"</cookie>
|
|
|
d76c62 |
</cookies>
|
|
|
d76c62 |
</source>
|
|
|
d76c62 |
<target dev='vdc' bus='virtio'/>
|
|
|
d76c62 |
@@ -47,7 +47,7 @@
|
|
|
d76c62 |
<ssl verify='no'/>
|
|
|
d76c62 |
<cookies>
|
|
|
d76c62 |
<cookie name='test'>testcookievalue</cookie>
|
|
|
d76c62 |
- <cookie name='test2'>blurb</cookie>
|
|
|
d76c62 |
+ <cookie name='test2'>"blurb"</cookie>
|
|
|
d76c62 |
</cookies>
|
|
|
d76c62 |
</source>
|
|
|
d76c62 |
<target dev='vdd' bus='virtio'/>
|
|
|
d76c62 |
diff --git a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
|
|
|
d76c62 |
index 238a5fef58..60073c227c 100644
|
|
|
d76c62 |
--- a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
|
|
|
d76c62 |
+++ b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
|
|
|
d76c62 |
@@ -38,7 +38,7 @@
|
|
|
d76c62 |
<host name='example.org' port='1234'/>
|
|
|
d76c62 |
<cookies>
|
|
|
d76c62 |
<cookie name='test'>testcookievalue</cookie>
|
|
|
d76c62 |
- <cookie name='test2'>blurb</cookie>
|
|
|
d76c62 |
+ <cookie name='test2'>"blurb"</cookie>
|
|
|
d76c62 |
</cookies>
|
|
|
d76c62 |
</source>
|
|
|
d76c62 |
<target dev='vdc' bus='virtio'/>
|
|
|
d76c62 |
@@ -51,7 +51,7 @@
|
|
|
d76c62 |
<ssl verify='no'/>
|
|
|
d76c62 |
<cookies>
|
|
|
d76c62 |
<cookie name='test'>testcookievalue</cookie>
|
|
|
d76c62 |
- <cookie name='test2'>blurb</cookie>
|
|
|
d76c62 |
+ <cookie name='test2'>"blurb"</cookie>
|
|
|
d76c62 |
</cookies>
|
|
|
d76c62 |
</source>
|
|
|
d76c62 |
<target dev='vdd' bus='virtio'/>
|
|
|
d76c62 |
--
|
|
|
d76c62 |
2.26.0
|
|
|
d76c62 |
|