From ba88fc4f04428c1064bc4eee85acbdf1a3123c4c Mon Sep 17 00:00:00 2001
Message-Id: <ba88fc4f04428c1064bc4eee85acbdf1a3123c4c@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 30 Mar 2020 17:21:40 +0200
Subject: [PATCH] virStorageSourceNetCookieValidate: Accept quoted cookie value
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The quotes are forbidden only inside the value, but the value itself may
be enclosed in quotes. Fix the RNG schema and validator and add a test
case.

https://bugzilla.redhat.com/show_bug.cgi?id=1804750

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit b9166baebe70a4b3577ddb6b2ee6af0dd4f60759)
Message-Id: <f8f910f4e61e0e9434591a02c5d2e50b3d78edc5.1585581552.git.pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
---
 docs/schemas/domaincommon.rng                 |  2 +-
 src/util/virstoragefile.c                     | 19 ++++++++++++++++++-
 .../disk-network-http.x86_64-latest.args      |  4 ++--
 tests/qemuxml2argvdata/disk-network-http.xml  |  4 ++--
 .../disk-network-http.x86_64-latest.xml       |  4 ++--
 5 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 3a0edbed97..ac6f180382 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1846,7 +1846,7 @@
             </data>
           </attribute>
           <data type="string">
-            <param name="pattern">[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+</param>
+            <param name="pattern">"?[!#$%&amp;'()*+\-./0-9:&gt;=&lt;?@A-Z\^_`\[\]a-z|~]+"?</param>
           </data>
         </element>
       </oneOrMore>
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index 3eb32edc2a..f8d741f040 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2217,6 +2217,10 @@ static const char virStorageSourceCookieNameInvalidChars[] =
 static int
 virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
 {
+    g_autofree char *val = g_strdup(def->value);
+    const char *checkval = val;
+    size_t len = strlen(val);
+
     /* name must have at least 1 character */
     if (*(def->name) == '\0') {
         virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -2233,8 +2237,21 @@ virStorageSourceNetCookieValidate(virStorageNetCookieDefPtr def)
         return -1;
     }
 
+    /* check for optional quotes around the cookie value string */
+    if (val[0] == '"') {
+        if (val[len - 1] != '"') {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("value of cookie '%s' contains invalid characters"),
+                           def->name);
+            return -1;
+        }
+
+        val[len - 1] = '\0';
+        checkval++;
+    }
+
     /* check invalid characters in value */
-    if (virStringHasChars(def->value, virStorageSourceCookieValueInvalidChars)) {
+    if (virStringHasChars(checkval, virStorageSourceCookieValueInvalidChars)) {
         virReportError(VIR_ERR_XML_ERROR,
                        _("value of cookie '%s' contains invalid characters"),
                        def->name);
diff --git a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
index 2f2849ebdf..46aa5f23ce 100644
--- a/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
+++ b/tests/qemuxml2argvdata/disk-network-http.x86_64-latest.args
@@ -42,7 +42,7 @@ id=virtio-disk0,bootindex=1 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=libvirt-3-format,\
 id=virtio-disk1 \
 -object secret,id=libvirt-2-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"http","url":"http://example.org:1234/test3.img",\
 "cookie-secret":"libvirt-2-storage-httpcookie-secret0",\
@@ -52,7 +52,7 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=libvirt-2-format,\
 id=virtio-disk2 \
 -object secret,id=libvirt-1-storage-httpcookie-secret0,\
-data=DrPR9NA6GKJb7qi1KbjHad3f3UIGTTDmAmOZHHv1F5w5T8rhnk3f+uSKStHe0J2O,\
+data=DrPR9NA6GKJb7qi1KbjHaealKEMVtOWUl2h3yvO5lgIh6cyLHemmlg+h9fcgwREA,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"https","url":"https://example.org:1234/test4.img",\
 "sslverify":false,"cookie-secret":"libvirt-1-storage-httpcookie-secret0",\
diff --git a/tests/qemuxml2argvdata/disk-network-http.xml b/tests/qemuxml2argvdata/disk-network-http.xml
index 20024c732e..93e6617433 100644
--- a/tests/qemuxml2argvdata/disk-network-http.xml
+++ b/tests/qemuxml2argvdata/disk-network-http.xml
@@ -35,7 +35,7 @@
         <host name='example.org' port='1234'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>"blurb"</cookie>
         </cookies>
       </source>
       <target dev='vdc' bus='virtio'/>
@@ -47,7 +47,7 @@
         <ssl verify='no'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdd' bus='virtio'/>
diff --git a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
index 238a5fef58..60073c227c 100644
--- a/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
+++ b/tests/qemuxml2xmloutdata/disk-network-http.x86_64-latest.xml
@@ -38,7 +38,7 @@
         <host name='example.org' port='1234'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdc' bus='virtio'/>
@@ -51,7 +51,7 @@
         <ssl verify='no'/>
         <cookies>
           <cookie name='test'>testcookievalue</cookie>
-          <cookie name='test2'>blurb</cookie>
+          <cookie name='test2'>&quot;blurb&quot;</cookie>
         </cookies>
       </source>
       <target dev='vdd' bus='virtio'/>
-- 
2.26.0