rgw: parse_copy_location defers url-decode

author Casey Bodley <cbodley@redhat.com>

Tue, 11 Dec 2018 21:13:58 +0000 (16:13 -0500)

committer Nathan Cutler <ncutler@suse.com>

Tue, 25 Jun 2019 11:00:28 +0000 (13:00 +0200)
author Casey Bodley <cbodley@redhat.com>
Tue, 11 Dec 2018 21:13:58 +0000 (16:13 -0500)
committer Nathan Cutler <ncutler@suse.com>
Tue, 25 Jun 2019 11:00:28 +0000 (13:00 +0200)
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc

index 34b07008b05edc2c8b5f84e23d5fabedc9f3d9b3..409c851fab565b771918a676d2f878b9997855c4 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -4609,6 +4609,7 @@ bool RGWCopyObj::parse_copy_location(const boost::string_view& url_src,
    boost::string_view name_str;
    boost::string_view params_str;
  
+  // search for ? before url-decoding so we don't accidentally match %3F
    size_t pos = url_src.find('?');
    if (pos == string::npos) {
      name_str = url_src;
@@ -4622,14 +4623,11 @@ bool RGWCopyObj::parse_copy_location(const boost::string_view& url_src,
      dec_src.remove_prefix(1);
  
    pos = dec_src.find('/');
-  if (pos ==string::npos)
+  if (pos == string::npos)
      return false;
  
-  boost::string_view bn_view{dec_src.substr(0, pos)};
-  bucket_name = std::string{bn_view.data(), bn_view.size()};
-
-  boost::string_view kn_view{dec_src.substr(pos + 1)};
-  key.name = std::string{kn_view.data(), kn_view.size()};
+  bucket_name = url_decode(dec_src.substr(0, pos));
+  key.name = url_decode(dec_src.substr(pos + 1));
  
    if (key.name.empty()) {
      return false;
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc

index 18ce9e917a1e06f7ac2928b2c6b88e1240462454..14963b82f5fd15df6f94cbf4912d4533de461041 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3480,7 +3480,7 @@ int RGWHandler_REST_S3::init(RGWRados *store, struct req_state *s,
        (! s->info.env->get("HTTP_X_AMZ_COPY_SOURCE_RANGE")) &&
        (! s->info.args.exists("uploadId"))) {
  
-    ret = RGWCopyObj::parse_copy_location(url_decode(copy_source),
+    ret = RGWCopyObj::parse_copy_location(copy_source,
                                            s->init_state.src_bucket,
                                            s->src_object);
      if (!ret) {
diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc

index af672c6685ba4a81a84718f503d6e646510a4f8c..6c6d7b55f3e855a8053f6849e443c831e65c6824 100644 (file)
--- a/src/rgw/rgw_rest_swift.cc
+++ b/src/rgw/rgw_rest_swift.cc
@@ -3019,8 +3019,7 @@ int RGWHandler_REST_SWIFT::init(RGWRados* store, struct req_state* s,
  
    s->dialect = "swift";
  
-  std::string copy_source =
-    url_decode(s->info.env->get("HTTP_X_COPY_FROM", ""));
+  std::string copy_source = s->info.env->get("HTTP_X_COPY_FROM", "");
    if (! copy_source.empty()) {
      bool result = RGWCopyObj::parse_copy_location(copy_source, t->src_bucket,
                                                   s->src_object);
@@ -3029,8 +3028,7 @@ int RGWHandler_REST_SWIFT::init(RGWRados* store, struct req_state* s,
    }
  
    if (s->op == OP_COPY) {
-    std::string req_dest =
-      url_decode(s->info.env->get("HTTP_DESTINATION", ""));
+    std::string req_dest = s->info.env->get("HTTP_DESTINATION", "");
      if (req_dest.empty())
        return -ERR_BAD_URL;
author	Casey Bodley <cbodley@redhat.com>
	Tue, 11 Dec 2018 21:13:58 +0000 (16:13 -0500)
committer	Nathan Cutler <ncutler@suse.com>
	Tue, 25 Jun 2019 11:00:28 +0000 (13:00 +0200)
src/rgw/rgw_op.cc		patch \| blob \| history
src/rgw/rgw_rest_s3.cc		patch \| blob \| history
src/rgw/rgw_rest_swift.cc		patch \| blob \| history