mirror of
https://github.com/minio/minio.git
synced 2024-12-23 21:55:53 -05:00
Avoid object names with '//' to avoid hash inconsistencies (#8946)
This is to fix a situation where an object name incorrectly is sent with '//' in its path heirarchy, we should reject such object names because they may be hashed to a set where the object might not originally belong because, this can cause situations where once object is uploaded we cannot delete it anymore. Fixes #8873
This commit is contained in:
parent
086fbb745e
commit
c2c5b09bb1
@ -46,7 +46,9 @@ function main()
|
||||
gw_pid="$(start_minio_gateway_s3)"
|
||||
|
||||
SERVER_ENDPOINT=127.0.0.1:24240 ENABLE_HTTPS=0 ACCESS_KEY=minio \
|
||||
SECRET_KEY=minio123 MINT_MODE="full" /mint/entrypoint.sh
|
||||
SECRET_KEY=minio123 MINT_MODE="full" /mint/entrypoint.sh \
|
||||
awscli aws-sdk-java aws-sdk-ruby mc minio-go minio-js s3cmd \
|
||||
aws-sdk-go aws-sdk-php healthcheck minio-dotnet minio-py security
|
||||
rv=$?
|
||||
|
||||
kill "$sr_pid"
|
||||
|
@ -162,6 +162,7 @@ func checkObjectArgs(ctx context.Context, bucket, object string, obj ObjectLayer
|
||||
if err := checkObjectNameForLengthAndSlash(bucket, object); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Validates object name validity after bucket exists.
|
||||
if !IsValidObjectName(object) {
|
||||
return ObjectNameInvalid{
|
||||
|
@ -166,7 +166,10 @@ func IsValidObjectPrefix(object string) bool {
|
||||
return false
|
||||
}
|
||||
// Reject unsupported characters in object name.
|
||||
if strings.ContainsAny(object, "\\") {
|
||||
if strings.ContainsAny(object, `\`) {
|
||||
return false
|
||||
}
|
||||
if strings.Contains(object, `//`) {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
|
@ -122,7 +122,9 @@ func TestIsValidObjectName(t *testing.T) {
|
||||
{" ../etc", false},
|
||||
{"./././", false},
|
||||
{"./etc", false},
|
||||
{"contains-\\-backslash", false},
|
||||
{`contains-\-backslash`, false},
|
||||
{`contains//double/forwardslash`, false},
|
||||
{`//contains/double-forwardslash-prefix`, false},
|
||||
{string([]byte{0xff, 0xfe, 0xfd}), false},
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user