Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rgw: fix buffer overflow in s3 select op #39514

Merged
merged 1 commit into from Feb 18, 2021
Merged

rgw: fix buffer overflow in s3 select op #39514

merged 1 commit into from Feb 18, 2021

Conversation

galsalomon66
Copy link
Contributor

@galsalomon66 galsalomon66 commented Feb 17, 2021
edited

there could a case where capacity is equal to string size, and cause invalid write(4 bytes); thus also the last 4-bytes are appended

Signed-off-by: galsalomon66 gal.salomon@gmail.com

Checklist

  • References tracker ticket
  • Updates documentation if necessary
  • Includes tests for new functionality or reproducer for bug
Show available Jenkins commands
  • jenkins retest this please
  • jenkins test classic perf
  • jenkins test crimson perf
  • jenkins test signed
  • jenkins test make check
  • jenkins test make check arm64
  • jenkins test submodules
  • jenkins test dashboard
  • jenkins test api
  • jenkins test docs
  • jenkins render docs
  • jenkins test ceph-volume all
  • jenkins test ceph-volume tox

@galsalomon66
there could a case where capacity is equal to string size, and cause …
f59f60c 
…invalid write(4 bytes); thus also the last 4-bytes are appended

Signed-off-by: galsalomon66 <gal.salomon@gmail.com>
@github-actions github-actions bot added the rgw label Feb 17, 2021
@galsalomon66 galsalomon66 mentioned this pull request Feb 17, 2021
Closed
3 tasks
@galsalomon66 galsalomon66 changed the title there could a case where capacity is equal to string size, and cause … rgw: fix buffer overflow in s3 select op Feb 17, 2021
@cbodley
Copy link
Contributor

cbodley commented Feb 17, 2021

thanks @galsalomon66!

have you had a chance to look at the warnings in https://tracker.ceph.com/issues/49167?

@galsalomon66
Copy link
Contributor Author

no (it redirect to wrong email)
will fix that.

@galsalomon66
Copy link
Contributor Author

http://pulpito.front.sepia.ceph.com/gsalomon-2021-02-17_17:46:47-rgw:verify-fix_buffer_overflow-distro-basic-smithi/
6 had failed, not seems related to changes.
44 s3select tests complete with success (no failures)

@galsalomon66 galsalomon66 merged commit 0b4ab19 into master Feb 18, 2021
@galsalomon66 galsalomon66 deleted the fix_buffer_overflow branch February 18, 2021 08:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbodley cbodley cbodley approved these changes

Assignees
No one assigned
Labels
bug-fix needs-qa rgw wip-cbodley-testing
Projects
None yet
Milestone
No milestone
2 participants
@galsalomon66 @cbodley