Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Fixed SSE-KMS Multipart ChunkReader HTTP Body Leak

pull/7481/head
chrislu 3 weeks ago
parent
7a0d413a8d
commit
21e6b7c281
1 changed files with 9 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      weed/s3api/s3api_object_handlers.go

11
weed/s3api/s3api_object_handlers.go
View File

@ -3085,8 +3085,15 @@ func (s3a *S3ApiServer) createMultipartSSEKMSDecryptedReader(r *http.Request, pr
return nil, fmt.Errorf("failed to decrypt chunk: %v", decErr)
}
// Use the streaming decrypted reader directly instead of reading into memory
readers = append(readers, decryptedChunkReader)
// Wrap the decrypted reader with the underlying chunkReader to ensure HTTP body is closed
// This matches the SSE-S3 pattern and prevents resource leaks
readers = append(readers, struct {
io.Reader
io.Closer
}{
Reader: decryptedChunkReader,
Closer: chunkReader,
})
glog.V(4).Infof("Added streaming decrypted reader for chunk %s in multipart SSE-KMS object", chunk.GetFileIdString())
}

Write Preview
Loading…
Cancel
Save