From 65238bc89ef6dfa2e4bd758b76f841d2c05d4852 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Lu=C3=ADs=20Henriques?= Date: Tue, 12 Jul 2022 13:54:48 +0100 Subject: [PATCH] mds: prevent exceeding xattrs limits on initial set MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When doing a sync setxattr (MDS_OP_SETXATTR) to set the first xattr in an inode it is possible for the client to set a huge xattr key/value that would exceed the limit. Prevent this from from happening by checking the size against the maximum allowed size. URL: https://tracker.ceph.com/issues/55725 Signed-off-by: Luís Henriques (cherry picked from commit ca1a397cca6b39a6472b453cd393e65e339a506e) --- src/mds/Server.cc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/mds/Server.cc b/src/mds/Server.cc index c736c0bd3c6..e8ed78e6d8a 100644 --- a/src/mds/Server.cc +++ b/src/mds/Server.cc @@ -6531,9 +6531,9 @@ void Server::handle_client_setxattr(MDRequestRef& mdr) auto handler = Server::get_xattr_or_default_handler(name); const auto& pxattrs = cur->get_projected_xattrs(); + size_t cur_xattrs_size = 0; if (pxattrs) { // check xattrs kv pairs size - size_t cur_xattrs_size = 0; for (const auto& p : *pxattrs) { if ((flags & CEPH_XATTR_REPLACE) && name.compare(p.first) == 0) { continue; @@ -6541,12 +6541,12 @@ void Server::handle_client_setxattr(MDRequestRef& mdr) cur_xattrs_size += p.first.length() + p.second.length(); } - if (((cur_xattrs_size + inc) > mds->mdsmap->get_max_xattr_size())) { - dout(10) << "xattr kv pairs size too big. cur_xattrs_size " - << cur_xattrs_size << ", inc " << inc << dendl; - respond_to_request(mdr, -CEPHFS_ENOSPC); - return; - } + } + if (((cur_xattrs_size + inc) > mds->mdsmap->get_max_xattr_size())) { + dout(10) << "xattr kv pairs size too big. cur_xattrs_size " + << cur_xattrs_size << ", inc " << inc << dendl; + respond_to_request(mdr, -CEPHFS_ENOSPC); + return; } XattrOp xattr_op(CEPH_MDS_OP_SETXATTR, name, req->get_data(), flags); -- 2.39.5