From 3a09799e45e3460cdd9a54a73e9932f58eb50e56 Mon Sep 17 00:00:00 2001 From: Stefan Boberg Date: Fri, 6 Oct 2023 10:27:47 +0200 Subject: reject known bad bucket names in structured cache (#452) * added string_view helpers for ParseHexBytes/ParseHexNumber * reject known bad buckets in structured cache put handler (32-character hex bucket names are rejected) * also added bucket rejection logic to bucket discovery * added rejected_writes stat to HttpStructuredCache --- src/zenserver/cache/cachedisklayer.cpp | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'src/zenserver/cache/cachedisklayer.cpp') diff --git a/src/zenserver/cache/cachedisklayer.cpp b/src/zenserver/cache/cachedisklayer.cpp index 894676d6a..177d37aa9 100644 --- a/src/zenserver/cache/cachedisklayer.cpp +++ b/src/zenserver/cache/cachedisklayer.cpp @@ -2145,17 +2145,26 @@ ZenCacheDiskLayer::DiscoverBuckets() // Initialize buckets + std::vector BadBucketDirectories; + RwLock::ExclusiveLockScope _(m_Lock); for (const std::filesystem::path& BucketPath : DirContent.Directories) { const std::string BucketName = PathToUtf8(BucketPath.stem()); - // New bucket needs to be created + if (auto It = m_Buckets.find(BucketName); It != m_Buckets.end()) { continue; } + if (IsKnownBadBucketName(BucketName)) + { + BadBucketDirectories.push_back(BucketPath); + + continue; + } + auto InsertResult = m_Buckets.emplace(BucketName, std::make_unique(BucketName)); CacheBucket& Bucket = *InsertResult.first->second; @@ -2176,6 +2185,28 @@ ZenCacheDiskLayer::DiscoverBuckets() } ZEN_INFO("Discovered bucket '{}'", BucketName); } + + for (const std::filesystem::path& BadBucketPath : BadBucketDirectories) + { + bool IsOk = false; + + try + { + IsOk = DeleteDirectories(BadBucketPath); + } + catch (std::exception&) + { + } + + if (IsOk) + { + ZEN_INFO("found bad bucket at '{}', deleted contents", BadBucketPath); + } + else + { + ZEN_WARN("bad bucket delete failed for '{}'", BadBucketPath); + } + } } bool -- cgit v1.2.3