Missing Lease Id Validation
cliedeman opened this issue · comments
Which service(blob, file, queue, table) does this issue concern?
blob
Which version of the Azurite was used?
latest as of today
Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)
docker
What's the Node.js version?
What problem was encountered?
Difference between azure storage account and azure
Steps to reproduce the issue?
Create a least with a non guid id
Azure Error:
The value for one of the HTTP headers is not in the correct format.
If possible, please provide the debug log using the -d parameter, replacing <pathtodebuglog> with an appropriate path for your OS, or review the instructions for docker containers:
-d "<pathtodebuglog>"
Please be sure to remove any PII or sensitive information before sharing!
The debug log will log raw request headers and bodies, so that we can replay these against Azurite using REST and create tests to validate resolution.
Have you found a mitigation/solution?
Use a valid lease id
Thanks for raising this issue!
To fix this issue we can add validation code for input proposedLeaseId
in following functions, to make sure it's GUID:
Blob lease:
Azurite/src/blob/handlers/BlobHandler.ts
Line 374 in d544d16
Azurite/src/blob/handlers/BlobHandler.ts
Line 506 in d544d16
Container lease:
Azurite/src/blob/handlers/ContainerHandler.ts
Line 384 in d544d16
Azurite/src/blob/handlers/ContainerHandler.ts
Line 548 in d544d16
Azurite welcome contribution!
It would be great if you could raise a PR to fix this!