libradosstriper: remove format injection vulnerability

author Jesse Williamson <jwilliamson@suse.de>

Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)

committer Jesse Williamson <jwilliamson@suse.de>

Mon, 19 Jun 2017 22:08:59 +0000 (15:08 -0700)
author Jesse Williamson <jwilliamson@suse.de>
Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)
committer Jesse Williamson <jwilliamson@suse.de>
Mon, 19 Jun 2017 22:08:59 +0000 (15:08 -0700)
diff --git a/src/libradosstriper/RadosStriperImpl.cc b/src/libradosstriper/RadosStriperImpl.cc

index fd5f13f0065fd52df71839c407401a2042b05863..c6020bf95571cc3da0f85edfe8f14e2d15e50188 100644 (file)
--- a/src/libradosstriper/RadosStriperImpl.cc
+++ b/src/libradosstriper/RadosStriperImpl.cc
@@ -12,6 +12,8 @@
   *
   */
  
+#include <boost/algorithm/string/replace.hpp>
+
  #include "libradosstriper/RadosStriperImpl.h"
  
  #include <errno.h>
@@ -501,7 +503,9 @@ int libradosstriper::RadosStriperImpl::aio_read(const std::string& soid,
    // get list of extents to be read from
    vector<ObjectExtent> *extents = new vector<ObjectExtent>();
    if (read_len > 0) {
-    std::string format = soid + RADOS_OBJECT_EXTENSION_FORMAT;
+    std::string format = soid;
+    boost::replace_all(format, "%", "%%");
+    format += RADOS_OBJECT_EXTENSION_FORMAT;
      file_layout_t l;
      l.from_legacy(layout);
      Striper::file_to_extents(cct(), format.c_str(), &l, off, read_len,
@@ -1077,7 +1081,9 @@ libradosstriper::RadosStriperImpl::internal_aio_write(const std::string& soid,
    if (len > 0) {
      // get list of extents to be written to
      vector<ObjectExtent> extents;
-    std::string format = soid + RADOS_OBJECT_EXTENSION_FORMAT;
+    std::string format = soid;
+    boost::replace_all(format, "%", "%%");
+    format += RADOS_OBJECT_EXTENSION_FORMAT;
      file_layout_t l;
      l.from_legacy(layout);
      Striper::file_to_extents(cct(), format.c_str(), &l, off, len, 0, extents);
author	Jesse Williamson <jwilliamson@suse.de>
	Tue, 13 Jun 2017 19:31:16 +0000 (12:31 -0700)
committer	Jesse Williamson <jwilliamson@suse.de>
	Mon, 19 Jun 2017 22:08:59 +0000 (15:08 -0700)