From: Felix Hüttner <felix.huettner@mail.schwarz>
Date: Thu, 6 May 2021 16:18:00 +0000 (-0400)
Subject: rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name
X-Git-Tag: v16.2.4~6
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=bf06990ab41d7ac299e4441ad9cd434e926a18e7;p=ceph.git

rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name

checking for empty name avoids later assertion in RGWObjectCtx::set_atomic

Fixes: CVE-2021-3531

Reviewed-by: Casey Bodley <cbodley@redhat.com>
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7196a469b4470f3c8628489df9a41ec8b00a5610)
---

diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc
index 0a8d6cdf99325..11bf7abd03aa2 100644
--- a/src/rgw/rgw_rest_swift.cc
+++ b/src/rgw/rgw_rest_swift.cc
@@ -2560,6 +2560,9 @@ bool RGWSwiftWebsiteHandler::is_web_dir() const
     return false;
   } else if (subdir_name.back() == '/') {
     subdir_name.pop_back();
+    if (subdir_name.empty()) {
+      return false;
+    }
   }
 
   rgw::sal::RGWRadosObject obj(store, rgw_obj_key(std::move(subdir_name)), s->bucket.get());