Avoid object names with '//' to avoid hash inconsistencies (#8946)

This is to fix a situation where an object name incorrectly
is sent with '//' in its path heirarchy, we should reject
such object names because they may be hashed to a set where
the object might not originally belong because, this can
cause situations where once object is uploaded we cannot
delete it anymore.

Fixes #8873

buildscripts/gateway-tests.sh

@@ -46,7 +46,9 @@ function main()
     gw_pid="$(start_minio_gateway_s3)"
 
     SERVER_ENDPOINT=127.0.0.1:24240 ENABLE_HTTPS=0 ACCESS_KEY=minio \
-                   SECRET_KEY=minio123 MINT_MODE="full" /mint/entrypoint.sh
+                   SECRET_KEY=minio123 MINT_MODE="full" /mint/entrypoint.sh \
+                   awscli aws-sdk-java aws-sdk-ruby mc minio-go minio-js s3cmd \
+                   aws-sdk-go aws-sdk-php healthcheck minio-dotnet minio-py security
     rv=$?
 
     kill "$sr_pid"

cmd/object-api-input-checks.go

@@ -162,6 +162,7 @@ func checkObjectArgs(ctx context.Context, bucket, object string, obj ObjectLayer
 	if err := checkObjectNameForLengthAndSlash(bucket, object); err != nil {
 		return err
 	}
+
 	// Validates object name validity after bucket exists.
 	if !IsValidObjectName(object) {
 		return ObjectNameInvalid{

cmd/object-api-utils.go

@@ -166,7 +166,10 @@ func IsValidObjectPrefix(object string) bool {
 		return false
 	}
 	// Reject unsupported characters in object name.
-	if strings.ContainsAny(object, "\\") {
+	if strings.ContainsAny(object, `\`) {
+		return false
+	}
+	if strings.Contains(object, `//`) {
 		return false
 	}
 	return true

cmd/object-api-utils_test.go

@@ -122,7 +122,9 @@ func TestIsValidObjectName(t *testing.T) {
 		{" ../etc", false},
 		{"./././", false},
 		{"./etc", false},
-		{"contains-\\-backslash", false},
+		{`contains-\-backslash`, false},
+		{`contains//double/forwardslash`, false},
+		{`//contains/double-forwardslash-prefix`, false},
 		{string([]byte{0xff, 0xfe, 0xfd}), false},
 	}