Browse Source
Merge branch 'master' into load-bucket-object-locking-configuration-if-not-found-in-cache
pull/7422/head
Chris Lu
1 month ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with
10 additions and
2 deletions
-
weed/s3api/chunked_reader_v4.go
-
weed/s3api/chunked_reader_v4_test.go
|
|
|
@ -369,7 +369,6 @@ func (cr *s3ChunkedReader) Read(buf []byte) (n int, err error) { |
|
|
|
// If we're at the end of a chunk.
|
|
|
|
if cr.n == 0 { |
|
|
|
cr.state = readChunkTrailer |
|
|
|
continue |
|
|
|
} |
|
|
|
case verifyChunk: |
|
|
|
// Check if we have credentials for signature verification
|
|
|
|
|
|
|
|
@ -285,7 +285,16 @@ func TestSignedStreamingUploadInvalidSignature(t *testing.T) { |
|
|
|
|
|
|
|
// Build the chunked payload with INTENTIONALLY WRONG chunk signature
|
|
|
|
// We'll use a modified signature to simulate a tampered request
|
|
|
|
wrongChunkSignature := strings.Replace(chunk1Signature, "a", "b", 1) |
|
|
|
wrongChunkSignatureBytes := []byte(chunk1Signature) |
|
|
|
if len(wrongChunkSignatureBytes) > 0 { |
|
|
|
// Flip the first hex character to guarantee a different signature
|
|
|
|
if wrongChunkSignatureBytes[0] == '0' { |
|
|
|
wrongChunkSignatureBytes[0] = '1' |
|
|
|
} else { |
|
|
|
wrongChunkSignatureBytes[0] = '0' |
|
|
|
} |
|
|
|
} |
|
|
|
wrongChunkSignature := string(wrongChunkSignatureBytes) |
|
|
|
payload := fmt.Sprintf("400;chunk-signature=%s\r\n%s\r\n", wrongChunkSignature, chunk1Data) + |
|
|
|
fmt.Sprintf("0;chunk-signature=%s\r\n\r\n", finalSignature) |
|
|
|
|
|
|
|
|
