From: Kefu Chai Date: Fri, 11 Sep 2020 08:42:24 +0000 (+0800) Subject: common/admin_socket: always validate the parameters X-Git-Tag: v16.1.0~1106^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=0039eb2ce612fff21be71254a33883df80a934b7;p=ceph.git common/admin_socket: always validate the parameters this change addresses the regression introduced by 65267d55cd3714c436b188aaa8b2049ad2b21225. before this change, we reply the client with a failure only if both the prefix and the arguments do not match. after this change, both the prefix and argument are checked. Fixes: https://tracker.ceph.com/issues/47179 Signed-off-by: Kefu Chai --- diff --git a/src/common/admin_socket.cc b/src/common/admin_socket.cc index 10183fd42f59a..0e9871fbaf5d5 100644 --- a/src/common/admin_socket.cc +++ b/src/common/admin_socket.cc @@ -540,19 +540,19 @@ AdminSocket::find_matched_hook(std::string& prefix, // hook takes the same lock that was held during calls to // register/unregister, and set in_hook to allow unregister to wait for us // before removing this hook. - auto p = hooks.find(prefix); - if (p == hooks.cend()) { + auto [hooks_begin, hooks_end] = hooks.equal_range(prefix); + if (hooks_begin == hooks_end) { return {ENOENT, nullptr}; } // make sure one of the registered commands with this prefix validates. stringstream errss; - if (!validate_cmd(m_cct, p->second.desc, cmdmap, errss)) { - if (p->first != prefix) { - return {EINVAL, nullptr}; + for (auto hook = hooks_begin; hook != hooks_end; ++hook) { + if (validate_cmd(m_cct, hook->second.desc, cmdmap, errss)) { + in_hook = true; + return {0, hook->second.hook}; } } - in_hook = true; - return {0, p->second.hook}; + return {EINVAL, nullptr}; } void AdminSocket::queue_tell_command(cref_t m)