Check if `HTTP_X_AMZ_COPY_SOURCE` header is empty

The issue was that the `HTTP_X_AMZ_COPY_SOURCE` header could be present but empty (i.e., an empty string rather than NULL). The  code only checked if the pointer was not NULL, but didn't verify that the string had content. When an empty string was passed to RGWCopyObj::parse_copy_location(), it would eventually try to access name_str[0] on an empty string, causing a crash.

Fixes: https://tracker.ceph.com/issues/72669
Signed-off-by: Suyash Dongre <suyashd999@gmail.com>

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 6a7a7313e11710681120264fde4732eef918f740..30ec14478c86e41e0fe99cd08feb4a102486e550 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -5426,6 +5426,9 @@ bool RGWCopyObj::parse_copy_location(const std::string_view& url_src,
     params_str = url_src.substr(pos + 1);
   }
 
+  if (name_str.empty()) {
+    return false;
+  }
   if (name_str[0] == '/') // trim leading slash
     name_str.remove_prefix(1);