Skip to content

Commit

Permalink
Fix key and bucket length checks - make it byte count
Browse files Browse the repository at this point in the history 
Signed-off-by: Utkarsh Srivastava <[email protected]>
(cherry picked from commit c9825c2)
  • Loading branch information
@tangledbytes
tangledbytes committed Feb 18, 2025
1 parent 5ab1361 commit 89bbc31
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 2 deletions.
5 changes: 3 additions & 2 deletions src/endpoint/s3/s3_rest.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ const time_utils = require('../../util/time_utils');
const http_utils = require('../../util/http_utils');
const signature_utils = require('../../util/signature_utils');
const config = require('../../../config');
const s3_utils = require('./s3_utils');

const S3_MAX_BODY_LEN = 4 * 1024 * 1024;

Expand Down Expand Up @@ -341,10 +342,10 @@ function get_bucket_and_key(req) {
}
}

if (key?.length > config.S3_MAX_KEY_LENGTH) {
if (key?.length && !s3_utils.verify_string_byte_length(key, config.S3_MAX_KEY_LENGTH)) {
throw new S3Error(S3Error.KeyTooLongError);
}
if (bucket?.length > config.S3_MAX_BUCKET_NAME_LENGTH) {
if (bucket?.length && !s3_utils.verify_string_byte_length(bucket, config.S3_MAX_BUCKET_NAME_LENGTH)) {
throw new S3Error(S3Error.InvalidBucketName);
}

Expand Down
19 changes: 19 additions & 0 deletions src/endpoint/s3/s3_utils.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -724,6 +724,24 @@ function parse_restore_request_days(req) {
return days;
}

/**
* Returns true if the byte length of the key
* is within the range [0, max_length]
* @param {string} key
* @param {number} max_length
* @returns
*/
function verify_string_byte_length(key, max_length) {
// Fast path
const MAX_UTF8_WIDTH = 4;
if (key.length * MAX_UTF8_WIDTH <= max_length) {
return true;
}

// Slow path
return Buffer.byteLength(key, 'utf8') <= max_length;
}

exports.STORAGE_CLASS_STANDARD = STORAGE_CLASS_STANDARD;
exports.STORAGE_CLASS_GLACIER = STORAGE_CLASS_GLACIER;
exports.STORAGE_CLASS_GLACIER_IR = STORAGE_CLASS_GLACIER_IR;
Expand Down Expand Up @@ -763,3 +781,4 @@ exports.parse_version_id = parse_version_id;
exports.get_object_owner = get_object_owner;
exports.get_default_object_owner = get_default_object_owner;
exports.set_response_supported_storage_classes = set_response_supported_storage_classes;
exports.verify_string_byte_length = verify_string_byte_length;

0 comments on commit 89bbc31

Please sign in to comment.