libradosstriper: remove format injection vulnerability

author Jesse Williamson <jwilliamson@suse.de>

Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)

committer Nathan Cutler <ncutler@suse.com>

Thu, 7 Sep 2017 16:00:21 +0000 (18:00 +0200)
author Jesse Williamson <jwilliamson@suse.de>
Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)
committer Nathan Cutler <ncutler@suse.com>
Thu, 7 Sep 2017 16:00:21 +0000 (18:00 +0200)
diff --git a/src/libradosstriper/RadosStriperImpl.cc b/src/libradosstriper/RadosStriperImpl.cc

index c2fc16b9025357976350eea64ba050942b822f00..54b40c1452ef3d311cd8e4f011e34070137cdf59 100644 (file)
--- a/src/libradosstriper/RadosStriperImpl.cc
+++ b/src/libradosstriper/RadosStriperImpl.cc
@@ -12,6 +12,8 @@
   *
   */
  
+#include <boost/algorithm/string/replace.hpp>
+
  #include "libradosstriper/RadosStriperImpl.h"
  
  #include <errno.h>
@@ -466,7 +468,9 @@ int libradosstriper::RadosStriperImpl::aio_read(const std::string& soid,
    // get list of extents to be read from
    vector<ObjectExtent> *extents = new vector<ObjectExtent>();
    if (read_len > 0) {
-    std::string format = soid + RADOS_OBJECT_EXTENSION_FORMAT;
+    std::string format = soid;
+    boost::replace_all(format, "%", "%%");
+    format += RADOS_OBJECT_EXTENSION_FORMAT;
      file_layout_t l;
      l.from_legacy(layout);
      Striper::file_to_extents(cct(), format.c_str(), &l, off, read_len,
@@ -781,7 +785,9 @@ libradosstriper::RadosStriperImpl::internal_aio_write(const std::string& soid,
    if (len > 0) {
      // get list of extents to be written to
      vector<ObjectExtent> extents;
-    std::string format = soid + RADOS_OBJECT_EXTENSION_FORMAT;
+    std::string format = soid;
+    boost::replace_all(format, "%", "%%");
+    format += RADOS_OBJECT_EXTENSION_FORMAT;
      file_layout_t l;
      l.from_legacy(layout);
      Striper::file_to_extents(cct(), format.c_str(), &l, off, len, 0, extents);
author	Jesse Williamson <jwilliamson@suse.de>
	Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)
committer	Nathan Cutler <ncutler@suse.com>
	Thu, 7 Sep 2017 16:00:21 +0000 (18:00 +0200)