New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hammer: rgw: do not abort when accept a CORS request with short origin #12398
Conversation
Fixed: ceph#18187 when accept a CROS request, the request http origin shorter than the bucket's corsrule (eg. origin: http://s.com corsrule: <AllowedOrigin>*.verylongdomain.com</AllowedOrigin>). the rgw_cors.cc::is_string_in_set() will have a wrong index, the radosrgw server will abort. $ curl http://test.localhost:8000/app.data -H "Origin:http://s.com" 0> 2016-12-05 03:22:29.548138 7f6add05d700 -1 *** Caught signal (Aborted) ** in thread 7f6add05d700 thread_name:civetweb-worker ceph version 11.0.2-2168-gd2f8fb4 (d2f8fb4) 1: (()+0x50720a) [0x7f6b147c420a] 2: (()+0xf370) [0x7f6b09a33370] 3: (gsignal()+0x37) [0x7f6b081ca1d7] 4: (abort()+0x148) [0x7f6b081cb8c8] 5: (__gnu_cxx::__verbose_terminate_handler()+0x165) [0x7f6b08ace9d5] 6: (()+0x5e946) [0x7f6b08acc946] 7: (()+0x5e973) [0x7f6b08acc973] 8: (()+0x5eb93) [0x7f6b08accb93] 9: (std::__throw_out_of_range(char const*)+0x77) 0x7f6b08b21a17] 10: (()+0xbd97a) [0x7f6b08b2b97a] 11: (()+0x449c1e) [0x7f6b14706c1e] 12: (RGWCORSRule::is_origin_present(char const*)+0x48) [0x7f6b147073b8] 13: (RGWCORSConfiguration::host_name_rule(char const*)+0x37) [0x7f6b147074e7] 14: (RGWOp::generate_cors_headers(std::string&, std::string&, std::string&, std::string&, unsigned int*)+0xa3) [0x7f6b14593e63] 15: (dump_access_control(req_state*, RGWOp*)+0x61) [0x7f6b14653f91] Signed-off-by: LiuYang <yippeetry@gmail.com> (cherry picked from commit 67d4d9e)
original description Fixed: #18187 when accept a CROS request, the request http origin shorter than the bucket's corsrule $ curl http://test.localhost:8000/app.data -H "Origin:http://s.com" 0> 2016-12-05 03:22:29.548138 7f6add05d700 -1 *** Caught signal (Aborted) ** ceph version 11.0.2-2168-gd2f8fb4 (d2f8fb4) Signed-off-by: LiuYang yippeetry@gmail.com |
…a CORS request with short origin Reviewed-by: Nathan Cutler <ncutler@suse.com>
…RS request with short origin Reviewed-by: Nathan Cutler <ncutler@suse.com>
…RS request with short origin Reviewed-by: Nathan Cutler <ncutler@suse.com>
…RS request with short origin Reviewed-by: Nathan Cutler <ncutler@suse.com>
@mattbenjamin @oritwas @yehudasa This PR passed an rgw suite as detailed by http://tracker.ceph.com/issues/17151#note-30 Do you think it's OK to merge? |
This passed another RGW suite at http://tracker.ceph.com/issues/17151#note-35 |
lgtm |
http://tracker.ceph.com/issues/18213