From: yuliyang Date: Mon, 9 Dec 2019 12:23:15 +0000 (+0800) Subject: rgw: fix rgw crash when duration is invalid in sts request X-Git-Tag: v14.2.10~228^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F33273%2Fhead;p=ceph.git rgw: fix rgw crash when duration is invalid in sts request Fixes: https://tracker.ceph.com/issues/43018 Signed-off-by: yuliyang (cherry picked from commit 064d16f6659d190d6196e2bb26605caac6d0786a) --- diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc index bd00eeb127a2..e01654323f20 100644 --- a/src/rgw/rgw_rest_sts.cc +++ b/src/rgw/rgw_rest_sts.cc @@ -187,7 +187,12 @@ int RGWSTSGetSessionToken::get_params() tokenCode = s->info.args.get("TokenCode"); if (! duration.empty()) { - uint64_t duration_in_secs = stoull(duration); + string err; + uint64_t duration_in_secs = strict_strtoll(duration.c_str(), 10, &err); + if (!err.empty()) { + return -EINVAL; + } + if (duration_in_secs < STS::GetSessionTokenRequest::getMinDuration() || duration_in_secs > s->cct->_conf->rgw_sts_max_session_duration) return -EINVAL; diff --git a/src/rgw/rgw_sts.cc b/src/rgw/rgw_sts.cc index 80daa04cbbca..0cef12ac28e0 100644 --- a/src/rgw/rgw_sts.cc +++ b/src/rgw/rgw_sts.cc @@ -170,12 +170,16 @@ AssumeRoleRequestBase::AssumeRoleRequestBase( const string& duration, if (duration.empty()) { this->duration = DEFAULT_DURATION_IN_SECS; } else { - this->duration = std::stoull(duration); + this->duration = strict_strtoll(duration.c_str(), 10, &this->err_msg); } } int AssumeRoleRequestBase::validate_input() const { + if (!err_msg.empty()) { + return -EINVAL; + } + if (duration < MIN_DURATION_IN_SECS || duration > MAX_DURATION_IN_SECS) { return -EINVAL; diff --git a/src/rgw/rgw_sts.h b/src/rgw/rgw_sts.h index 68187ba19960..1ad4850421d6 100644 --- a/src/rgw/rgw_sts.h +++ b/src/rgw/rgw_sts.h 
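Review bot: `strict_strtoll` returns a signed `long long`, so assigning it straight to `uint64_t duration_in_secs` in `RGWSTSGetSessionToken::get_params()` lets a negative `DurationSeconds` such as `-1` parse without an error and wrap to a very large unsigned value. That value is still refused, but only because the following upper-bound comparison against `rgw_sts_max_session_duration` happens to catch it. The same implicit conversion is in `this->duration = strict_strtoll(...)` in the `AssumeRoleRequestBase` constructor in rgw_sts.cc. I would make the rejection explicit by parsing into a signed local, `int64_t secs = strict_strtoll(duration.c_str(), 10, &err);`, and then testing `if (!err.empty() || secs < 0) return -EINVAL;` before converting. The body of get_params() starts and ends outside this hunk.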
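Review bot: In rgw_sts.cc a malformed duration is no longer fatal in the `AssumeRoleRequestBase` constructor, so the request object now exists with whatever `strict_strtoll` returned on failure in `duration`, and the input is only refused if the caller goes on to run `validate_input()`. The callers are not visible in this hunk, so it is worth confirming that none of them reads the duration before validating. A comment at the assignment would record that contract, for example `// parse errors are kept in err_msg and reported as -EINVAL by validate_input()`. The text in `err_msg` is also dropped when `validate_input()` returns, so the operator gets no hint which parameter was rejected; logging it where a context is available would help triage. Both the constructor and `validate_input()` extend beyond the hunk.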
@@ -22,6 +22,7 @@ protected: static constexpr uint64_t MAX_ROLE_SESSION_SIZE = 64; uint64_t MAX_DURATION_IN_SECS; uint64_t duration; + string err_msg; string iamPolicy; string roleArn; string roleSessionName;
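Review bot: The new member `string err_msg;` has a generic name and no comment, although from the rgw_sts.cc hunk it only ever carries the result of parsing the duration string. Since it is a `protected` member of the base class, a derived request type could reuse it for something else, and `validate_input()` would then reject on an unrelated message. I would document the field, for example `// non-empty when the duration string failed to parse; checked by validate_input()`, or give it a narrower name such as `duration_err`. The class declaration starts and ends outside this hunk.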