rgw: Fix upload part copy range able to get almost any string #32487
Conversation
Fix upload part copy range able to get almost any string This PR intends to add more checking on HTTP_X_AMZ_COPY_SOURCE_RANGE header Signed-off-by: Or Friedmann <ofriedma@redhat.com>
| @@ -1785,8 +1786,20 @@ int RGWPutObj_ObjStore_S3::get_params() | |||
| } | |||
| string first = range.substr(0, pos); | |||
| string last = range.substr(pos + 1); | |||
| if (first.find_first_not_of("0123456789") != std::string::npos || last.find_first_not_of("0123456789") != std::string::npos) | |||
There was a problem hiding this comment.
Maybe use strict_strtoll() instead of manually checking?
There was a problem hiding this comment.
@dang
it would look like this to use strict_strtoll():
string *err_fst = new string();
string *err_lst = new string();
copy_source_range_fst = strict_strtoll(first.c_str(), 10, efst);
copy_source_range_lst = strict_strtoll(last.c_str(), 10, elst);
if (copy_source_range_fst > copy_source_range_lst || !efst->empty() || !elst->empty() || copy_source_range_fst < 0 || copy_source_range_lst < 0)
{
ret = -ERANGE;
ldpp_dout(this, 5) << "x-amz-copy-source-range bad format first number bigger than second" << dendl;
return ret;
}
}
I think it is adding more complex because we need to check for no error in the error string and check if we have negative numbers which we do not support with copy part.
what do you think to keeping it as it is now?
|
also check |
Fix upload part copy range able to get almost any string
This PR intends to add more checking on HTTP_X_AMZ_COPY_SOURCE_RANGE header
Signed-off-by: Or Friedmann ofriedma@redhat.com
Fixes: https://tracker.ceph.com/issues/43461