From afc68ff8804f2b20f5d40b089ce36bd92475bd0d Mon Sep 17 00:00:00 2001 From: chrislu Date: Mon, 17 Nov 2025 13:19:16 -0800 Subject: [PATCH] ensure correct conversion --- weed/s3api/s3api_object_handlers.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/weed/s3api/s3api_object_handlers.go b/weed/s3api/s3api_object_handlers.go index f8939c88d..c00d07d6e 100644 --- a/weed/s3api/s3api_object_handlers.go +++ b/weed/s3api/s3api_object_handlers.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "io" + "math" "mime" "net/http" "net/url" @@ -692,6 +693,9 @@ func (s3a *S3ApiServer) streamFromVolumeServers(w http.ResponseWriter, r *http.R if len(entry.Content) > 0 && totalSize == int64(len(entry.Content)) { if isRangeRequest { // Safely convert int64 to int for slice indexing + if offset < 0 || offset > int64(math.MaxInt) || size < 0 || size > int64(math.MaxInt) { + return fmt.Errorf("range too large for platform: offset=%d, size=%d", offset, size) + } start := int(offset) end := start + int(size) // Bounds check (should already be validated, but double-check)