From 7486638563c1eeda7781dcf58b0c536d11f17a0b Mon Sep 17 00:00:00 2001 From: Matt Benjamin Date: Thu, 18 Aug 2016 10:54:16 -0400 Subject: [PATCH] rgw ldap: protect rgw::from_base64 from non-base64 input Also adds unit tests for: 1. empty output from from_base64 (turns out to be harmless) 2. random and specific non-base64 and sort strings (modified from upstream to avoid alteration of src/test/test_rgw_token.cc) Signed-off-by: Matt Benjamin (cherry picked from commit 0a4c91ec7652d02673a9b156cd16144d778a3844) Fixes: http://tracker.ceph.com/issues/17324 --- src/rgw/rgw_file.h | 8 +++++++- src/rgw/rgw_rest_s3.cc | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/rgw/rgw_file.h b/src/rgw/rgw_file.h index 42b6649105187..a98a98e03b0f7 100644 --- a/src/rgw/rgw_file.h +++ b/src/rgw/rgw_file.h @@ -780,7 +780,13 @@ namespace rgw { } else { /* try external authenticators (ldap for now) */ rgw::LDAPHelper* ldh = rgwlib.get_ldh(); /* !nullptr */ - RGWToken token{from_base64(key.id)}; + RGWToken token; + /* boost filters and/or string_ref may throw on invalid input */ + try { + token = rgw::from_base64(key.id); + } catch(...) { + token = std::string(""); + } if (token.valid() && (ldh->auth(token.id, token.key) == 0)) { /* try to store user if it doesn't already exist */ if (rgw_get_user_info_by_uid(store, token.id, user) < 0) { diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index 03ce3a7b99f6f..ac11fcbc2c707 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -1754,7 +1754,13 @@ int RGWPostObj_ObjStore_S3::get_policy() << store->ctx()->_conf->rgw_ldap_uri << dendl; - RGWToken token{from_base64(s3_access_key)}; + RGWToken token; + /* boost filters and/or string_ref may throw on invalid input */ + try { + token = rgw::from_base64(s3_access_key); + } catch(...) { + token = std::string(""); + } if (! token.valid()) return -EACCES; -- 2.39.5