S3 API: validate obj names; multipart pathnames

* s3: add obj names validation * multipart put: create full pathname (safe since validated) Signed-off-by: Alex Aizman <[email protected]>
NVIDIA · Jan 23, 2024 · a166158 · a166158
1 parent bb33642
commit a166158
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 3 deletions.
diff --git a/ais/htrun.go b/ais/htrun.go
@@ -1267,8 +1267,8 @@ func (h *htrun) writeErrActf(w http.ResponseWriter, r *http.Request, action stri
 
 // also, validatePrefix
 func (h *htrun) isValidObjname(w http.ResponseWriter, r *http.Request, name string) bool {
-	if cos.IsLastB(name, filepath.Separator) || strings.Contains(name, "../") {
-		h.writeErrf(w, r, "invalid object name %q", name)
+	if err := cmn.ValidateObjName(name); err != nil {
+		h.writeErr(w, r, err)
 		return false
 	}
 	return true

diff --git a/ais/prxs3.go b/ais/prxs3.go
@@ -211,6 +211,10 @@ func (p *proxy) handleMptUpload(w http.ResponseWriter, r *http.Request, parts []
 	}
 	smap := p.owner.smap.get()
 	objName := s3.ObjName(parts)
+	if err := cmn.ValidateObjName(objName); err != nil {
+		s3.WriteErr(w, r, err, 0)
+		return
+	}
 	si, netPub, err := smap.HrwMultiHome(bck.MakeUname(objName))
 	if err != nil {
 		s3.WriteErr(w, r, err, 0)
@@ -478,6 +482,10 @@ func (p *proxy) directPutObjS3(w http.ResponseWriter, r *http.Request, items []s
 		return
 	}
 	objName := s3.ObjName(items)
+	if err := cmn.ValidateObjName(objName); err != nil {
+		s3.WriteErr(w, r, err, 0)
+		return
+	}
 	si, netPub, err = smap.HrwMultiHome(bck.MakeUname(objName))
 	if err != nil {
 		s3.WriteErr(w, r, err, 0)
@@ -517,6 +525,10 @@ func (p *proxy) getObjS3(w http.ResponseWriter, r *http.Request, items []string,
 		return
 	}
 	objName := s3.ObjName(items)
+	if err := cmn.ValidateObjName(objName); err != nil {
+		s3.WriteErr(w, r, err, 0)
+		return
+	}
 	si, netPub, err = smap.HrwMultiHome(bck.MakeUname(objName))
 	if err != nil {
 		s3.WriteErr(w, r, err, 0)
@@ -584,6 +596,10 @@ func (p *proxy) headObjS3(w http.ResponseWriter, r *http.Request, items []string
 		return
 	}
 	bucket, objName := items[0], s3.ObjName(items)
+	if err := cmn.ValidateObjName(objName); err != nil {
+		s3.WriteErr(w, r, err, 0)
+		return
+	}
 	bck, err, errCode := meta.InitByNameOnly(bucket, p.owner.bmd)
 	if err != nil {
 		s3.WriteErr(w, r, err, errCode)
@@ -627,6 +643,10 @@ func (p *proxy) delObjS3(w http.ResponseWriter, r *http.Request, items []string)
 		return
 	}
 	objName := s3.ObjName(items)
+	if err := cmn.ValidateObjName(objName); err != nil {
+		s3.WriteErr(w, r, err, 0)
+		return
+	}
 	si, err = smap.HrwName2T(bck.MakeUname(objName))
 	if err != nil {
 		s3.WriteErr(w, r, err, 0)

diff --git a/ais/tgts3mpt.go b/ais/tgts3mpt.go
@@ -89,7 +89,7 @@ func (t *target) putMptPart(w http.ResponseWriter, r *http.Request, items []stri
 
 	prefix := fmt.Sprintf("%s.%d", uploadID, partNum) // workfile name format: <upload-id>.<part-number>.<obj-name>
 	wfqn := fs.CSM.Gen(lom, fs.WorkfileType, prefix)
-	fh, err := os.Create(wfqn)
+	fh, err := cos.CreateFile(wfqn)
 	if err != nil {
 		s3.WriteErr(w, r, err, 0)
 		return

diff --git a/cmn/err.go b/cmn/err.go
@@ -191,6 +191,10 @@ type (
 		reason string
 		detail string
 	}
+
+	ErrInvalidObjName struct {
+		name string
+	}
 )
 
 var (
@@ -724,6 +728,21 @@ func IsErrXactUsePrev(err error) bool {
 	return ok
 }
 
+//
+// ErrInvalidObjName
+//
+
+func ValidateObjName(name string) (err *ErrInvalidObjName) {
+	if cos.IsLastB(name, filepath.Separator) || strings.Contains(name, "../") {
+		err = &ErrInvalidObjName{name}
+	}
+	return err
+}
+
+func (e *ErrInvalidObjName) Error() string {
+	return fmt.Sprintf("invalid object name %q", e.name)
+}
+
 ///////////////////////
 // ErrXactTgtInMaint //
 ///////////////////////