From 898e0003ae21e9fbe49995980c8746e9d2ac9b8b Mon Sep 17 00:00:00 2001 Message-Id: <898e0003ae21e9fbe49995980c8746e9d2ac9b8b@dist-git> From: Peter Krempa Date: Tue, 23 Jun 2020 14:23:06 +0200 Subject: [PATCH] conf: Don't format http cookies unless VIR_DOMAIN_DEF_FORMAT_SECURE is used Starting with 3b076391befc3fe72deb0c244ac6c2b4c100b410 (v6.1.0-122-g3b076391be) we support http cookies. Since they may contain somewhat sensitive information we should not format them into the XML unless VIR_DOMAIN_DEF_FORMAT_SECURE is asserted. Reported-by: Han Han Signed-off-by: Peter Krempa Reviewed-by: Erik Skultety (cherry picked from commit a5b064bf4b17a9884d7d361733737fb614ad8979) CVE-2020-14301 Message-Id: <592a0b594666f580e743b6bd2b4ddccbd1e0cc7c.1592914898.git.pkrempa@redhat.com> Reviewed-by: Jiri Denemark --- src/conf/domain_conf.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index ed9ca0e9d8..60962ee7c1 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -24377,11 +24377,15 @@ virDomainSourceDefFormatSeclabel(virBufferPtr buf, static void virDomainDiskSourceFormatNetworkCookies(virBufferPtr buf, - virStorageSourcePtr src) + virStorageSourcePtr src, + unsigned int flags) { g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf); size_t i; + if (!(flags & VIR_DOMAIN_DEF_FORMAT_SECURE)) + return; + for (i = 0; i < src->ncookies; i++) { virBufferEscapeString(&childBuf, "", src->cookies[i]->name); virBufferEscapeString(&childBuf, "%s\n", src->cookies[i]->value); @@ -24442,7 +24446,7 @@ virDomainDiskSourceFormatNetwork(virBufferPtr attrBuf, virTristateBoolTypeToString(src->sslverify)); } - virDomainDiskSourceFormatNetworkCookies(childBuf, src); + virDomainDiskSourceFormatNetworkCookies(childBuf, src, flags); if (src->readahead) virBufferAsprintf(childBuf, "\n", src->readahead); -- 2.27.0