rgw: check content md5 validity when doing auth

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 052bd2e79ee323bad98b0cf829e22d030b78f898..507b0b3f8a3ed1feb284675a0a32022fb4b89c25 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -572,6 +572,9 @@ void RGWPutObj::execute()
       ret = ceph_unarmor(supplied_md5_bin, &supplied_md5_bin[CEPH_CRYPTO_MD5_DIGESTSIZE + 1],
                             supplied_md5_b64, supplied_md5_b64 + strlen(supplied_md5_b64));
       RGW_LOG(15) << "ceph_armor ret=" << ret << dendl;
+      if (ret < 0) {
+        goto done;
+      }
       if (ret != CEPH_CRYPTO_MD5_DIGESTSIZE) {
         ret = -ERR_INVALID_DIGEST;
         goto done;

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 37172d9ae8ae67a4768d7fbf310abb5a71a499c9..e9645a9a6c7cd6a8eefdb1f957fc8d15715c12fd 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -556,6 +556,10 @@ static bool parse_rfc2616(const char *s, struct tm *t)
   return parse_rfc850(s, t) || parse_asctime(s, t) || parse_rfc1123(s, t);
 }
 
+static inline bool is_base64(unsigned char c) {
+  return (isalnum(c) || (c == '+') || (c == '/'));
+}
+
 /*
  * get the header authentication  information required to
  * compute a request's signature
@@ -568,8 +572,15 @@ static bool get_auth_header(struct req_state *s, string& dest, bool qsr)
   dest.append("\n");
   
   const char *md5 = s->env->get("HTTP_CONTENT_MD5");
-  if (md5)
+  if (md5) {
+    for (const char *p = md5; *p; p++) {
+      if (!is_base64(*p)) {
+        RGW_LOG(0) << "bad content-md5 provided (not base64), aborting request" << dendl;
+        return false;
+      }
+    }
     dest.append(md5);
+  }
   dest.append("\n");
 
   const char *type = s->env->get("CONTENT_TYPE");