From 89bbc3177651797ef5201c8ffa1b202c09dd68ce Mon Sep 17 00:00:00 2001 From: Utkarsh Srivastava Date: Wed, 22 Jan 2025 22:14:51 +0530 Subject: [PATCH] Fix key and bucket length checks - make it byte count Signed-off-by: Utkarsh Srivastava (cherry picked from commit c9825c23e6d26ddffc5231061cf1f82ed3b47985) --- src/endpoint/s3/s3_rest.js | 5 +++-- src/endpoint/s3/s3_utils.js | 19 +++++++++++++++++++ 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/src/endpoint/s3/s3_rest.js b/src/endpoint/s3/s3_rest.js index b44710919a..1f9ca8e935 100755 --- a/src/endpoint/s3/s3_rest.js +++ b/src/endpoint/s3/s3_rest.js @@ -13,6 +13,7 @@ const time_utils = require('../../util/time_utils'); const http_utils = require('../../util/http_utils'); const signature_utils = require('../../util/signature_utils'); const config = require('../../../config'); +const s3_utils = require('./s3_utils'); const S3_MAX_BODY_LEN = 4 * 1024 * 1024; @@ -341,10 +342,10 @@ function get_bucket_and_key(req) { } } - if (key?.length > config.S3_MAX_KEY_LENGTH) { + if (key?.length && !s3_utils.verify_string_byte_length(key, config.S3_MAX_KEY_LENGTH)) { throw new S3Error(S3Error.KeyTooLongError); } - if (bucket?.length > config.S3_MAX_BUCKET_NAME_LENGTH) { + if (bucket?.length && !s3_utils.verify_string_byte_length(bucket, config.S3_MAX_BUCKET_NAME_LENGTH)) { throw new S3Error(S3Error.InvalidBucketName); } diff --git a/src/endpoint/s3/s3_utils.js b/src/endpoint/s3/s3_utils.js index d51227cf53..7b4757aae6 100644 --- a/src/endpoint/s3/s3_utils.js +++ b/src/endpoint/s3/s3_utils.js @@ -724,6 +724,24 @@ function parse_restore_request_days(req) { return days; } +/** + * Returns true if the byte length of the key + * is within the range [0, max_length] + * @param {string} key + * @param {number} max_length + * @returns + */ +function verify_string_byte_length(key, max_length) { + // Fast path + const MAX_UTF8_WIDTH = 4; + if (key.length * MAX_UTF8_WIDTH <= max_length) { + return true; + } + + // Slow path + return Buffer.byteLength(key, 'utf8') <= max_length; +} + exports.STORAGE_CLASS_STANDARD = STORAGE_CLASS_STANDARD; exports.STORAGE_CLASS_GLACIER = STORAGE_CLASS_GLACIER; exports.STORAGE_CLASS_GLACIER_IR = STORAGE_CLASS_GLACIER_IR; @@ -763,3 +781,4 @@ exports.parse_version_id = parse_version_id; exports.get_object_owner = get_object_owner; exports.get_default_object_owner = get_default_object_owner; exports.set_response_supported_storage_classes = set_response_supported_storage_classes; +exports.verify_string_byte_length = verify_string_byte_length;