From: Felix Hüttner <felix.huettner@mail.schwarz>
Date: Thu, 6 May 2021 16:18:00 +0000 (-0400)
Subject: rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name
X-Git-Tag: archive/raspbian/12.2.11+dfsg1-2.1+rpi1+deb10u1^2~4
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=d67fdc5df4052598e7917ea0c4b2c57dfc8738dc;p=ceph.git

rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name

checking for empty name avoids later assertion in RGWObjectCtx::set_atomic

Fixes: CVE-2021-3531

Reviewed-by: Casey Bodley <cbodley@redhat.com>
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7196a469b4470f3c8628489df9a41ec8b00a5610)

Origin: upstream, https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e

Gbp-Pq: Name CVE-2021-3531.patch
---

diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc
index 35e192c15..98f10e680 100644
--- a/src/rgw/rgw_rest_swift.cc
+++ b/src/rgw/rgw_rest_swift.cc
@@ -2436,6 +2436,9 @@ bool RGWSwiftWebsiteHandler::is_web_dir() const
     return false;
   } else if (subdir_name.back() == '/') {
     subdir_name.pop_back();
+    if (subdir_name.empty()) {
+      return false;
+    }
   }
 
   rgw_obj obj(s->bucket, std::move(subdir_name));