util: file: Don't carelessly sanitize URIs

rfc3986 states that the separator in URI path is a single slash. Multiple slashes may potentially lead to different resources and thus we should not remove them.
2024-10-01 20:05:46 +00:00 · 2015-04-08 10:57:07 +02:00 · 2015-04-08 10:57:07 +02:00 · fac04598bb
commit fac04598bb
parent b8e7facfa7
2 changed files with 13 additions and 0 deletions
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@ -2812,12 +2812,18 @@ char *
 virFileSanitizePath(const char *path)
 {
    const char *cur = path;
+    char *uri;
    char *cleanpath;
    int idx = 0;

    if (VIR_STRDUP(cleanpath, path) < 0)
        return NULL;

+    /* don't sanitize URIs - rfc3986 states that two slashes may lead to a
+     * different resource, thus removing them would possibly change the path */
+    if ((uri = strstr(path, "://")) && strchr(path, '/') > uri)
+        return cleanpath;
+
    /* Need to sanitize:
     * //           -> //
     * ///          -> /
--- a/tests/virfiletest.c
+++ b/tests/virfiletest.c
@ -165,6 +165,8 @@ mymain(void)
            ret = -1;                                                          \
    } while (0)

+#define DO_TEST_SANITIZE_PATH_SAME(PATH) DO_TEST_SANITIZE_PATH(PATH, PATH)
+
    virtTestCounterReset("testFileSanitizePath ");
    DO_TEST_SANITIZE_PATH("", "");
    DO_TEST_SANITIZE_PATH("/", "/");
@ -178,6 +180,11 @@ mymain(void)
    DO_TEST_SANITIZE_PATH("../../", "../..");
    DO_TEST_SANITIZE_PATH("//foo//bar", "//foo/bar");
    DO_TEST_SANITIZE_PATH("/bar//foo", "/bar/foo");
+    DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/foo/hoo");
+    DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz//fooo/hoo");
+    DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz//////fooo/hoo");
+    DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/fooo//hoo");
+    DO_TEST_SANITIZE_PATH_SAME("gluster://bar.baz/fooo///////hoo");

    return ret != 0 ? EXIT_FAILURE : EXIT_SUCCESS;
 }