rgw: fix rgw crash when duration is invalid in sts request

author yuliyang <yuliyang@cmss.chinamobile.com>

Mon, 9 Dec 2019 12:23:15 +0000 (20:23 +0800)

committer Nathan Cutler <ncutler@suse.com>

Thu, 13 Feb 2020 14:02:16 +0000 (15:02 +0100)
author yuliyang <yuliyang@cmss.chinamobile.com>
Mon, 9 Dec 2019 12:23:15 +0000 (20:23 +0800)
committer Nathan Cutler <ncutler@suse.com>
Thu, 13 Feb 2020 14:02:16 +0000 (15:02 +0100)
diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc

index bd00eeb127a20ea81ec882e4292f0797d24998ba..e01654323f20110b010ecacd8aee699eb7e75d11 100644 (file)
--- a/src/rgw/rgw_rest_sts.cc
+++ b/src/rgw/rgw_rest_sts.cc
@@ -187,7 +187,12 @@ int RGWSTSGetSessionToken::get_params()
    tokenCode = s->info.args.get("TokenCode");
  
    if (! duration.empty()) {
-    uint64_t duration_in_secs = stoull(duration);
+    string err;
+    uint64_t duration_in_secs = strict_strtoll(duration.c_str(), 10, &err);
+    if (!err.empty()) {
+      return -EINVAL;
+    }
+
      if (duration_in_secs < STS::GetSessionTokenRequest::getMinDuration() ||
              duration_in_secs > s->cct->_conf->rgw_sts_max_session_duration)
        return -EINVAL;
diff --git a/src/rgw/rgw_sts.cc b/src/rgw/rgw_sts.cc

index 80daa04cbbcaf61c18773e0a9a78e4347e7bc558..0cef12ac28e0add0f6609828d30a50adc037a4ae 100644 (file)
--- a/src/rgw/rgw_sts.cc
+++ b/src/rgw/rgw_sts.cc
@@ -170,12 +170,16 @@ AssumeRoleRequestBase::AssumeRoleRequestBase( const string& duration,
    if (duration.empty()) {
      this->duration = DEFAULT_DURATION_IN_SECS;
    } else {
-    this->duration = std::stoull(duration);
+    this->duration = strict_strtoll(duration.c_str(), 10, &this->err_msg);
    }
  }
  
  int AssumeRoleRequestBase::validate_input() const
  {
+  if (!err_msg.empty()) {
+    return -EINVAL;
+  }
+
    if (duration < MIN_DURATION_IN_SECS ||
            duration > MAX_DURATION_IN_SECS) {
      return -EINVAL;
diff --git a/src/rgw/rgw_sts.h b/src/rgw/rgw_sts.h

index 68187ba19960b505f9725ddb258c476f29d3ab82..1ad4850421d6ecb653846e4b2eaf140d032ba75b 100644 (file)
--- a/src/rgw/rgw_sts.h
+++ b/src/rgw/rgw_sts.h
@@ -22,6 +22,7 @@ protected:
    static constexpr uint64_t MAX_ROLE_SESSION_SIZE = 64;
    uint64_t MAX_DURATION_IN_SECS;
    uint64_t duration;
+  string err_msg;
    string iamPolicy;
    string roleArn;
    string roleSessionName;
author	yuliyang <yuliyang@cmss.chinamobile.com>
	Mon, 9 Dec 2019 12:23:15 +0000 (20:23 +0800)
committer	Nathan Cutler <ncutler@suse.com>
	Thu, 13 Feb 2020 14:02:16 +0000 (15:02 +0100)
src/rgw/rgw_rest_sts.cc		patch \| blob \| history
src/rgw/rgw_sts.cc		patch \| blob \| history
src/rgw/rgw_sts.h		patch \| blob \| history