virStorageSourceNetCookieValidate: Accept quoted cookie value

The quotes are forbidden only inside the value, but the value itself may be enclosed in quotes. Fix the RNG schema and validator and add a test case. https://bugzilla.redhat.com/show_bug.cgi?id=1804750Signed-off-by: N Peter Krempa <pkrempa@redhat.com> Reviewed-by: N Ján Tomko <jtomko@redhat.com>

virStorageSourceNetCookieValidate: Accept quoted cookie value
The quotes are forbidden only inside the value, but the value itself may be enclosed in quotes. Fix the RNG schema and validator and add a test case. https://bugzilla.redhat.com/show_bug.cgi?id=1804750Signed-off-by: N Peter Krempa <pkrempa@redhat.com> Reviewed-by: N Ján Tomko <jtomko@redhat.com>
b9166bae · Peter Krempa · c34ec56a · b9166bae · b9166bae · b9166bae
5 changed file
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1852,7 +1852,7 @@
            </data>
          </attribute>
          <data type="string">
-            <param name="pattern">[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+</param>
+            <param name="pattern">"?[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+"?</param>
          </data>
        </element>
      </oneOrMore>

--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2217,6 +2217,10 @@ static const char virStorageSourceCookieNameInvalidChars[] =
 static int
 virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
 {
+    g_autofree char *val = g_strdup(def->value);
+    const char *checkval = val;
+    size_t len = strlen(val);
+
    /* name must have at least 1 character */
    if (*(def->name) == '\0') {
        virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -2233,8 +2237,21 @@ virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
        return -1;
    }

+    /* check for optional quotes around the cookie value string */
+    if (val[0] == '"') {
+        if (val[len - 1] != '"') {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("value of cookie '%s' contains invalid characters"),
+                           def->name);
+            return -1;
+        }
+
+        val[len - 1] = '\0';
+        checkval++;
+    }
+
    /* check invalid characters in value */
-    if (virStringHasChars(def->value, virStorageSourceCookieValueInvalidChars)) {
+    if (virStringHasChars(checkval, virStorageSourceCookieValueInvalidChars)) {
        virReportError(VIR_ERR_XML_ERROR,
                       _("value of cookie '%s' contains invalid characters"),
                       def->name);

--- a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
+++ b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
@@ -43,7 +43,7 @@ id=virtio-disk0,bootindex=1 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=libvirt-3-format,\
 id=virtio-disk1 \
 -object secret,id=libvirt-2-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"http","url":"http://example.org:1234/test3.img",\
 "cookie-secret":"libvirt-2-storage-httpcookie-secret0",\
@@ -53,7 +53,7 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=libvirt-2-format,\
 id=virtio-disk2 \
 -object secret,id=libvirt-1-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"https","url":"https://example.org:1234/test4.img",\
 "sslverify":false,"cookie-secret":"libvirt-1-storage-httpcookie-secret0",\

--- a/tests/qemuxml2argvdata/disk-network-http.xml
+++ b/tests/qemuxml2argvdata/disk-network-http.xml
@@ -35,7 +35,7 @@
        <host name='example.org' port='1234'/>
        <cookies>
          <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>"blurb"</cookie>
        </cookies>
      </source>
      <target dev='vdc' bus='virtio'/>
@@ -47,7 +47,7 @@
        <ssl verify='no'/>
        <cookies>
          <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
        </cookies>
      </source>
      <target dev='vdd' bus='virtio'/>

--- a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
+++ b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
@@ -41,7 +41,7 @@
        <host name='example.org' port='1234'/>
        <cookies>
          <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
        </cookies>
      </source>
      <target dev='vdc' bus='virtio'/>
@@ -54,7 +54,7 @@
        <ssl verify='no'/>
        <cookies>
          <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
        </cookies>
      </source>
      <target dev='vdd' bus='virtio'/>