rgw: Fix for buffer overflow in STS op_post().

Signed-off-by: Marcus Watts <mwatts@redhat.com>
Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>

diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc
index cadfe7b33ece94ce5900f0bc69d2286dfd0fb966..1d3a78cdb9abf5ce9d51b34ea97e7f3037436e50 100644 (file)
--- a/src/rgw/rgw_rest_sts.cc
+++ b/src/rgw/rgw_rest_sts.cc
@@ -172,10 +172,15 @@ void RGWSTSAssumeRole::execute()
 
 RGWOp *RGWHandler_REST_STS::op_post()
 {
-  char buf[256];
-  recv_body(s, buf, s->content_length);
-  ldout(s->cct, 0) << "Content of POST: " << buf << dendl;
-  string post_body = buf;
+  int len = 0;
+  char *data = nullptr;
+  const auto max_size = s->cct->_conf->rgw_max_put_param_size;
+  auto ret = rgw_rest_read_all_input(s, &data, &len, max_size, false);
+  if (ret < 0) {
+    return nullptr;
+  }
+  ldout(s->cct, 0) << "Content of POST: " << data << dendl;
+  string post_body = data;
 
   if (post_body.find("Action") != string::npos) {
     boost::char_separator<char> sep("&");
@@ -191,6 +196,8 @@ RGWOp *RGWHandler_REST_STS::op_post()
      }
   }
 
+  free(data);
+
   if (s->info.args.exists("Action"))    {
     string action = s->info.args.get("Action");
     if (action == "AssumeRole") {