From 1c7e33b0c1a27acfd6ada5f18d24e02a76af071b Mon Sep 17 00:00:00 2001 From: Marcus Watts Date: Tue, 16 Jul 2024 17:16:10 -0400 Subject: [PATCH] rgw/compression antibug check If another bug tells the compression filter to decompress more data than is actually present, the resulting "end_of_buffer" error was thrown. The thrown exception unwinds the stack, including a completion that is pending. The resulting core dump indicates a failure with this completion rather than the end of buffer exception, which is misleading and not useful. With this change, radosgw does not abort, and instead logs a somewhat useful message before returning an "unknown" error to the client. Fixes: https://tracker.ceph.com/issues/23264 Signed-off-by: Marcus Watts --- src/rgw/rgw_compression.cc | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/rgw/rgw_compression.cc b/src/rgw/rgw_compression.cc index 61b50d45394..97f1b156e5a 100644 --- a/src/rgw/rgw_compression.cc +++ b/src/rgw/rgw_compression.cc @@ -173,6 +173,17 @@ int RGWGetObj_Decompress::handle_data(bufferlist& bl, off_t bl_ofs, off_t bl_len lsubdout(cct, rgw, 0) << "handle_data failed with exit code " << r << dendl; return r; } + // the next avoids an end_of_buffer exception that can be thrown + // if we try to read past the end of the compressed data, + // "which should never happen". (The crash dump after this is + // useless for diagnostic purposes.) + if (out_bl.length() < q_ofs + ch_len) { + lsubdout(cct, rgw, 0) << "handle_data consumed data? out_bl.len=" << + out_bl.length() + << " q_ofs=" << q_ofs << " ch_len=" << ch_len + << " q_len=" << q_len << dendl; + return -EIO; + } out_bl.splice(0, q_ofs + ch_len); q_len -= ch_len; q_ofs = 0; -- 2.39.5