Add stricter format checking for incoming timestamps in an rspec

5ca81df7 · Jonathon Duerig · 48368b9d · 5ca81df7 · 5ca81df7
Commit 5ca81df7 authored Apr 26, 2013 by Jonathon Duerig
--- a/protogeni/lib/GeniCM.pm.in
+++ b/protogeni/lib/GeniCM.pm.in
@@ -608,9 +608,8 @@ sub GetTicketAuxAux($$$$$$$$$)
    #
    my $expires = GeniXML::GetExpires($rspec);
    if (defined($expires)) {
-	if (! ($expires =~ /^[-\w:.\/]+/)) {
-	    return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
-					"Illegal valid_until in rspec");
+	if (GeniResponse::IsResponse($expires)) {
+	    return $expires;
 	}
 	# Convert to a localtime.
 	my $when = str2time($expires);
@@ -2817,7 +2816,7 @@ sub SliverWorkAux($$$$$$$)
    #
    my $expires = GeniXML::GetExpires($rspec);
    if (defined($expires)) {
-	if (! ($expires =~ /^[-\w:.\/]+/)) {
+	if (GeniResponse::IsResponse($expires)) {
 	    $message = "Illegal valid_until in rspec";
 	    goto bad;
 	}

--- a/protogeni/lib/GeniXML.pm.in
+++ b/protogeni/lib/GeniXML.pm.in
@@ -50,6 +50,7 @@ use XML::LibXML;
 use XML::LibXML::XPathContext;
 use XML::LibXML::NodeList;
 use GeniHRN;
+use GeniResponse;
 use GeniUtil;
 use Carp qw(cluck carp);

@@ -338,7 +339,18 @@ sub IsTunnel($)
 sub GetExpires($)
 {
    my ($node) = @_;
-    return GetFirstText($node, "valid_until", "expires");
+    my $result = undef;
+    my $text = GetFirstText($node, "valid_until", "expires");
+    if (defined($text)) {
+	if ($text =~
+	  /[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}T[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}Z/) {
+	    $result = $text;
+	} else {
+	    $result = GeniResponse->Create(GENIRESPONSE_ERROR, undef,
+					   "$text: Invalid Datetime Format");
+	}
+    }
+    return $result;
 }

 sub SetExpires($$)