From: Marcus Watts Date: Fri, 8 Jan 2021 22:43:58 +0000 (-0500) Subject: rgw/kms/vault - 0 terminate before rapidjson X-Git-Tag: v16.2.0~45^2~3 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=5ec24bb7c95505d6b9c16c45252076952fa0cde4;p=ceph.git rgw/kms/vault - 0 terminate before rapidjson bufferlist c_str() doesn't guarantee a trailing nul, which is req'd by rapidjson. So, append a nul to make that guarantee explicit. Also, add an optional "virtual" so unit test logic can override send_request(). Fixes: http://tracker.ceph.com/issues/48746 Signed-off-by: Marcus Watts (cherry picked from commit 30ee3d473bed7318491fc28c7eaa66e8b7633c75) --- diff --git a/src/rgw/rgw_kms.cc b/src/rgw/rgw_kms.cc index a249deda782..8542d483d48 100644 --- a/src/rgw/rgw_kms.cc +++ b/src/rgw/rgw_kms.cc @@ -24,6 +24,9 @@ using namespace rgw; +#ifndef FORTEST_VIRTUAL +#define FORTEST_VIRTUAL /**/ +#endif /** * Memory pool for use with rapidjson. This version @@ -204,6 +207,7 @@ protected: return res; } + FORTEST_VIRTUAL int send_request(const char *method, std::string_view infix, std::string_view key_id, const std::string& postdata, @@ -366,6 +370,7 @@ public: ldout(cct, 20) << "Parse response into JSON Object" << dendl; + secret_bl.append('\0'); rapidjson::StringStream isw(secret_bl.c_str()); d.ParseStream<>(isw); @@ -435,6 +440,7 @@ public: ldout(cct, 20) << "Parse response into JSON Object" << dendl; + secret_bl.append('\0'); rapidjson::StringStream isw(secret_bl.c_str()); d.SetNull(); d.ParseStream<>(isw); @@ -518,6 +524,7 @@ public: ldout(cct, 20) << "Parse response into JSON Object" << dendl; + secret_bl.append('\0'); rapidjson::StringStream isw(secret_bl.c_str()); d.SetNull(); d.ParseStream<>(isw); @@ -578,6 +585,7 @@ public: ldout(cct, 20) << "Parse response into JSON Object" << dendl; + secret_bl.append('\0'); rapidjson::StringStream isw(secret_bl.c_str()); d.ParseStream<>(isw);