From: Casey Bodley Date: Thu, 23 Mar 2023 19:02:51 +0000 (-0400) Subject: rgw: RGWCopyObj loads src_bucket in init_processing() X-Git-Tag: v18.1.0~156^2~1 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d59f453e100ff45ff013345551085ee17345383d;p=ceph.git rgw: RGWCopyObj loads src_bucket in init_processing() if `RGWCopyObj::verify_permissions()` returns an error, it may leave some zipper objects uninitialized. when the user has admin or system privileges, we'll ignore that error and call `execute()` anyway. this moves the initialization into `RGWCopyObj::init_processing()` instead Fixes: https://tracker.ceph.com/issues/58035 Signed-off-by: Casey Bodley (cherry picked from commit 9e1d2b140fe9550370fdc6e15329005ecc5b4d9d) --- diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index 238ee2956b22..b9be0e823408 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -5191,10 +5191,13 @@ bool RGWCopyObj::parse_copy_location(const std::string_view& url_src, return true; } -int RGWCopyObj::verify_permission(optional_yield y) +int RGWCopyObj::init_processing(optional_yield y) { - RGWAccessControlPolicy src_acl(s->cct); - boost::optional src_policy; + op_ret = RGWOp::init_processing(y); + if (op_ret < 0) { + return op_ret; + } + op_ret = get_params(y); if (op_ret < 0) return op_ret; @@ -5217,6 +5220,14 @@ int RGWCopyObj::verify_permission(optional_yield y) /* This is the only place the bucket is set on src_object */ s->src_object->set_bucket(src_bucket.get()); + return 0; +} + +int RGWCopyObj::verify_permission(optional_yield y) +{ + RGWAccessControlPolicy src_acl(s->cct); + boost::optional src_policy; + /* get buckets info (source and dest) */ if (s->local_source && source_zone.empty()) { s->src_object->set_atomic(); diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h index b29c87c51cae..2e95ebd03f71 100644 --- a/src/rgw/rgw_op.h +++ b/src/rgw/rgw_op.h @@ -1570,6 +1570,7 @@ public: RGWOp::init(driver, s, h); dest_policy.set_ctx(s->cct); } + int init_processing(optional_yield y) override; int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override;