2139422 – [RGW][MS]: Crash seen on malformed bucket URL

Bug 2139422 - [RGW][MS]: Crash seen on malformed bucket URL

Summary: [RGW][MS]: Crash seen on malformed bucket URL

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	RGW-Multisite
Sub Component:
Version:	5.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	5.3
Assignee:	Adam C. Emerson
QA Contact:	Hemanth Sai
Docs Contact:	Akash Raj
URL:
Whiteboard:
Depends On:
Blocks:	2126049
TreeView+	depends on / blocked

Reported:	2022-11-02 13:30 UTC by Madhavi Kasturi
Modified:	2023-01-11 17:42 UTC (History)
CC List:	7 users (show)
Fixed In Version:	ceph-16.2.10-77.el8cp
Doc Type:	Bug Fix
Doc Text:	.Requests with a tenant but no bucket no longer cause a crash Previously, an upstream refactoring replaced uninitialized bucket data fields with uninitialized pointers. Due to this, any bucket request containing a URL referencing no valid bucket caused crashes. With this fix, requests that access the bucket but do not specify a valid bucket are denied, resulting in an error instead of a crash.
Clone Of:
Environment:
Last Closed:	2023-01-11 17:41:26 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-5546	0	None	None	None	2022-11-02 13:34:59 UTC
Red Hat Product Errata	RHSA-2023:0076	0	None	None	None	2023-01-11 17:42:18 UTC

Comment 5 Veera Raghava Reddy 2022-11-14 18:16:06 UTC

Hi Adam,
Can you link the upstream PR to the BZ?

Hi Thomas,
This BZ needs to be added to the 5.3 RC build.

Regards,
Veera

Comment 7 Veera Raghava Reddy 2022-11-14 18:51:36 UTC

Thanks Adam.

Comment 34 errata-xmlrpc 2023-01-11 17:41:26 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Red Hat Ceph Storage 5.3 security update and Bug Fix), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:0076

Note You need to log in before you can comment on or make changes to this bug.