EC: proxy server returns wrong response on range GET
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Medium
|
Daisuke Morita |
Bug Description
In EC case, proxy-server may return wrong response body and content length to client for unsatisfied range GET .
e.g.:
EC policy uses 1MB segment size. (default value for EC)
- PUT an 5 bytes object to an EC container
- GET the object with range bytes=1048575- => 416 with response body
- GET the object with range bytes=1048576- => 416 but the response shows content length as 5 and no body was coming in. My curl client stuck there.
(expected content_length=97 and the body, "<html>
i.e.:
To request to get the range more than ceil(object_
This was found at the conversation with Sam at following patch:
https:/
CVE References
Changed in swift: | |
assignee: | nobody → Daisuke Morita (morita-daisuke) |
Changed in swift: | |
status: | New → Confirmed |
Changed in swift: | |
importance: | Undecided → Medium |
Changed in swift: | |
milestone: | none → 2.5.0 |
status: | Fix Committed → Fix Released |
Hmmm, why didn't the system link this to https:/ /review. openstack. org/#/c/ 204892/ where the proposed fix it at?