git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
rgw: reject control characters in response-header actions 34927/head
author Robin H. Johnson <rjohnson@digitalocean.com>
Fri, 27 Mar 2020 19:48:13 +0000 (20:48 +0100)
committer Abhishek Lekshmanan <abhishek@suse.com>
Wed, 6 May 2020 08:00:08 +0000 (10:00 +0200)
commit 2f300936010e135b648f68ae0c142bb11e629b77
tree 3622f5ced81e7e356161b6b7ecdbebd032fa6a91
parent c9b043b6a4cfbf055eb0700ab819fc7e55b73e5f
rgw: reject control characters in response-header actions

S3 GetObject permits overriding response header values, but those inputs
need to be validated to ensure only characters that are valid in an HTTP
header value are present.

Credit: Initial vulnerability discovery by William Bowling (@wcbowling)
Credit: Further vulnerability discovery by Robin H. Johnson <rjohnson@digitalocean.com>
Signed-off-by: Robin H. Johnson <rjohnson@digitalocean.com>
src/rgw/rgw_rest_s3.cc
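
The kind of check the commit message describes, as an added example that is not the code from this commit or from Ceph: each S3 GetObject response-header override parameter is tested against the byte set RFC 7230 allows in a field value. The helper names and the sample arguments are assumptions made for the illustration.

```cpp
#include <iostream>
#include <map>
#include <string>

// Query parameters S3 GetObject accepts for overriding response headers.
static const char* const kOverrideParams[] = {
    "response-content-type",        "response-content-language",
    "response-expires",             "response-cache-control",
    "response-content-disposition", "response-content-encoding"};

// True when every byte may appear in an HTTP field value (RFC 7230, 3.2):
// HTAB, SP, VCHAR (0x21-0x7E) or obs-text (0x80-0xFF). All other control
// bytes, including CR, LF, NUL and DEL, are refused.
bool is_valid_header_value(const std::string& value) {
  for (unsigned char c : value) {
    if (c == '\t') continue;
    if (c < 0x20 || c == 0x7f) return false;
  }
  return true;
}

// Hypothetical helper: name of the first override parameter whose
// URL-decoded value is not a legal header value, or "" when all pass.
// A server would answer a non-empty result with 400 and emit no header.
std::string first_bad_override(const std::map<std::string, std::string>& args) {
  for (const char* name : kOverrideParams) {
    auto it = args.find(name);
    if (it != args.end() && !is_valid_header_value(it->second)) return name;
  }
  return "";
}

int main() {
  // Constructed sample query arguments, already URL-decoded.
  std::map<std::string, std::string> ok = {
      {"response-content-type", "text/plain; charset=utf-8"}};
  std::map<std::string, std::string> bad = {
      {"response-content-disposition", "attachment\r\nX-Test: 1"}};
  std::cout << "ok  -> '" << first_bad_override(ok) << "'\n";
  std::cout << "bad -> '" << first_bad_override(bad) << "'\n";
  return 0;
}
```

The check runs on the decoded value, since a percent-encoded CR or LF only becomes a control byte after URL decoding.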