virStorageSourceNetCookieValidate: Accept quoted cookie value

The quotes are forbidden only inside the value, but the value itself may
be enclosed in quotes. Fix the RNG schema and validator and add a test
case.

https://bugzilla.redhat.com/show_bug.cgi?id=1804750

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index d147b9afceb55fb43ceb92ffa27cac5d20081f94..5de17593c1574a9cd4891f5be457f901e677ccda 100644 (file)
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1852,7 +1852,7 @@
             </data>
           </attribute>
           <data type="string">
-            <param name="pattern">[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+</param>
+            <param name="pattern">"?[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+"?</param>
           </data>
         </element>
       </oneOrMore>

diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index d81ed70a971f1e7c4865b59fc8f60607c89ffe24..c43e52d1f64dd61458ea2c91c07ad5323a89722d 100644 (file)
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2217,6 +2217,10 @@ static const char virStorageSourceCookieNameInvalidChars[] =
 static int
 virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
 {
+    g_autofree char *val = g_strdup(def->value);
+    const char *checkval = val;
+    size_t len = strlen(val);
+
     /* name must have at least 1 character */
     if (*(def->name) == '\0') {
         virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -2233,8 +2237,21 @@ virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
         return -1;
     }
 
+    /* check for optional quotes around the cookie value string */
+    if (val[0] == '"') {
+        if (val[len - 1] != '"') {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("value of cookie '%s' contains invalid characters"),
+                           def->name);
+            return -1;
+        }
+
+        val[len - 1] = '\0';
+        checkval++;
+    }
+
     /* check invalid characters in value */
-    if (virStringHasChars(def->value, virStorageSourceCookieValueInvalidChars)) {
+    if (virStringHasChars(checkval, virStorageSourceCookieValueInvalidChars)) {
         virReportError(VIR_ERR_XML_ERROR,
                        _("value of cookie '%s' contains invalid characters"),
                        def->name);

diff --git a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
index e14498f778ddb881d3abeeb75f030d944d359664..ed44424dc3cd642e7f69d945b08aa2d635d074de 100644 (file)
--- a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
+++ b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
@@ -43,7 +43,7 @@ id=virtio-disk0,bootindex=1 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=libvirt-3-format,\
 id=virtio-disk1 \
 -object secret,id=libvirt-2-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"http","url":"http://example.org:1234/test3.img",\
 "cookie-secret":"libvirt-2-storage-httpcookie-secret0",\
@@ -53,7 +53,7 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=libvirt-2-format,\
 id=virtio-disk2 \
 -object secret,id=libvirt-1-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"https","url":"https://example.org:1234/test4.img",\
 "sslverify":false,"cookie-secret":"libvirt-1-storage-httpcookie-secret0",\

diff --git a/tests/qemuxml2argvdata/disk-network-http.xml b/tests/qemuxml2argvdata/disk-network-http.xml
index 20024c732efbcb0b64014332a61fe988f8bf92de..93e6617433c5afcf98c5984644fdd8b48235fb20 100644 (file)
--- a/tests/qemuxml2argvdata/disk-network-http.xml
+++ b/tests/qemuxml2argvdata/disk-network-http.xml
@@ -35,7 +35,7 @@
         <host name='example.org' port='1234'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>"blurb"</cookie>
         </cookies>
       </source>
       <target dev='vdc' bus='virtio'/>
@@ -47,7 +47,7 @@
         <ssl verify='no'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdd' bus='virtio'/>

diff --git a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
index 9e78785d0dd4035af7b0ef2cda83c6463b8102fc..cf363312866368082fc87c3322adc02497391433 100644 (file)
--- a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
+++ b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
@@ -41,7 +41,7 @@
         <host name='example.org' port='1234'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdc' bus='virtio'/>
@@ -54,7 +54,7 @@
         <ssl verify='no'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdd' bus='virtio'/>