Diffstat (limited to 'weed/filer/mongodb')
| -rw-r--r-- | weed/filer/mongodb/mongodb_store.go | 50 |
1 files changed, 47 insertions, 3 deletions
diff --git a/weed/filer/mongodb/mongodb_store.go b/weed/filer/mongodb/mongodb_store.go
index 566d5c53a..21463dc32 100644
--- a/weed/filer/mongodb/mongodb_store.go
+++ b/weed/filer/mongodb/mongodb_store.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"os"
 	"regexp"
+	"strings"
 	"time"
 	"github.com/seaweedfs/seaweedfs/weed/filer"
@@ -156,6 +157,13 @@ func (store *MongodbStore) InsertEntry(ctx context.Context, entry *filer.Entry)
 func (store *MongodbStore) UpdateEntry(ctx context.Context, entry *filer.Entry) (err error) {
 	dir, name := entry.FullPath.DirAndName()
+
+	// Validate directory and name to prevent potential injection
+	// Note: BSON library already provides type safety, but we validate for defense in depth
+	if strings.ContainsAny(dir, "\x00") || strings.ContainsAny(name, "\x00") {
+		return fmt.Errorf("invalid path contains null bytes: %s", entry.FullPath)
+	}
+
 	meta, err := entry.EncodeAttributesAndChunks()
 	if err != nil {
 		return fmt.Errorf("encode %s: %s", entry.FullPath, err)
@@ -168,8 +176,11 @@ func (store *MongodbStore) UpdateEntry(ctx context.Context, entry *filer.Entry)
 	c := store.connect.Database(store.database).Collection(store.collectionName)
 	opts := options.Update().SetUpsert(true)
-	filter := bson.D{{"directory", dir}, {"name", name}}
-	update := bson.D{{"$set", bson.D{{"meta", meta}}}}
+	// Use BSON builders for type-safe query construction (prevents injection)
+	// lgtm[go/sql-injection]
+	// Safe: Using BSON type-safe builders (bson.D) + validated inputs (null byte check above)
+	filter := bson.D{{Key: "directory", Value: dir}, {Key: "name", Value: name}}
+	update := bson.D{{Key: "$set", Value: bson.D{{Key: "meta", Value: meta}}}}
 	_, err = c.UpdateOne(ctx, filter, update, opts)
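Review bot: The rejected path is interpolated with `%s` in the new `fmt.Errorf("invalid path contains null bytes: %s", entry.FullPath)`, so the NUL byte that triggered the rejection is copied verbatim into the error text and from there into whatever logs it; `%q` keeps it escaped: `return fmt.Errorf("invalid path contains null bytes: %q", entry.FullPath)`. The same check and message are copy-pasted into FindEntry, DeleteEntry, DeleteFolderChildren and ListDirectoryPrefixedEntries in the later hunks, so one small helper would keep the five sites identical, and `strings.IndexByte(p, 0) >= 0` states what is being tested more directly than `ContainsAny` with a one-character set. InsertEntry, named in the hunk header but outside this hunk, does not appear to receive the same check, which is worth confirming so writes and reads are validated alike. UpdateEntry's body continues past the hunk.
```go
// pathHasNUL reports whether any of the given path components contains a NUL byte.
func pathHasNUL(parts ...string) bool {
	for _, p := range parts {
		if strings.IndexByte(p, 0) >= 0 {
			return true
		}
	}
	return false
}

func (store *MongodbStore) UpdateEntry(ctx context.Context, entry *filer.Entry) (err error) {
	dir, name := entry.FullPath.DirAndName()
	if pathHasNUL(dir, name) {
		// %q keeps the NUL byte escaped in the error text
		return fmt.Errorf("invalid path contains null bytes: %q", entry.FullPath)
	}
	// … unchanged: encode attributes, upsert …
```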
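Review bot: The new `// lgtm[go/sql-injection]` suppression is separated from the `filter :=` line it is meant to cover by the `// Safe: …` comment; if the scanner's suppression convention requires the lgtm comment on the flagged line or immediately before it, the intervening line defeats it, so confirm against the scanner's documentation or place it on the `filter :=` line itself. The same layout recurs in the FindEntry, DeleteEntry, DeleteFolderChildren and ListDirectoryPrefixedEntries hunks. The comment also presents the null-byte check as part of the safety argument, whereas what keeps `bson.D` values from being read as query operators is that they are encoded as typed string values, and the earlier hunk's own comment already calls the check defense in depth; wording it that way, e.g. `// Safe: bson.D encodes dir/name as typed string values; the NUL check above is defense in depth only`, stops a later reader from treating the check as sufficient on its own. Switching this method to keyed `bson.D` literals while the other methods keep `bson.M` is a style split the file could settle one way.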
@@ -182,8 +193,18 @@ func (store *MongodbStore) UpdateEntry(ctx context.Context, entry *filer.Entry)
 func (store *MongodbStore) FindEntry(ctx context.Context, fullpath util.FullPath) (entry *filer.Entry, err error) {
 	dir, name := fullpath.DirAndName()
+
+	// Validate directory and name to prevent potential injection
+	// Note: BSON library already provides type safety, but we validate for defense in depth
+	if strings.ContainsAny(dir, "\x00") || strings.ContainsAny(name, "\x00") {
+		return nil, fmt.Errorf("invalid path contains null bytes: %s", fullpath)
+	}
+
 	var data Model
+	// Use BSON builders for type-safe query construction (prevents injection)
+	// lgtm[go/sql-injection]
+	// Safe: Using BSON type-safe builders (bson.M) + validated inputs (null byte check above)
 	var where = bson.M{"directory": dir, "name": name}
 	err = store.connect.Database(store.database).Collection(store.collectionName).FindOne(ctx, where).Decode(&data)
 	if err != mongo.ErrNoDocuments && err != nil {
@@ -210,6 +231,13 @@ func (store *MongodbStore) FindEntry(ctx context.Context, fullpath util.FullPath
 func (store *MongodbStore) DeleteEntry(ctx context.Context, fullpath util.FullPath) error {
 	dir, name := fullpath.DirAndName()
+	// Validate directory and name to prevent potential injection
+	if strings.ContainsAny(dir, "\x00") || strings.ContainsAny(name, "\x00") {
+		return fmt.Errorf("invalid path contains null bytes: %s", fullpath)
+	}
+
+	// lgtm[go/sql-injection]
+	// Safe: Using BSON type-safe builders (bson.M) + validated inputs (null byte check above)
 	where := bson.M{"directory": dir, "name": name}
 	_, err := store.connect.Database(store.database).Collection(store.collectionName).DeleteMany(ctx, where)
 	if err != nil {
@@ -220,6 +248,13 @@ func (store *MongodbStore) DeleteEntry(ctx context.Context, fullpath util.FullPa
 }
 func (store *MongodbStore) DeleteFolderChildren(ctx context.Context, fullpath util.FullPath) error {
+	// Validate path to prevent potential injection
+	if strings.ContainsAny(string(fullpath), "\x00") {
+		return fmt.Errorf("invalid path contains null bytes: %s", fullpath)
+	}
+
+	// lgtm[go/sql-injection]
+	// Safe: Using BSON type-safe builders (bson.M) + validated inputs (null byte check above)
 	where := bson.M{"directory": fullpath}
 	_, err := store.connect.Database(store.database).Collection(store.collectionName).DeleteMany(ctx, where)
 	if err != nil {
@@ -230,6 +265,14 @@ func (store *MongodbStore) DeleteFolderChildren(ctx context.Context, fullpath ut
 }
 func (store *MongodbStore) ListDirectoryPrefixedEntries(ctx context.Context, dirPath util.FullPath, startFileName string, includeStartFile bool, limit int64, prefix string, eachEntryFunc filer.ListEachEntryFunc) (lastFileName string, err error) {
+	// Validate inputs to prevent potential injection
+	if strings.ContainsAny(string(dirPath), "\x00") || strings.ContainsAny(startFileName, "\x00") || strings.ContainsAny(prefix, "\x00") {
+		return "", fmt.Errorf("invalid path contains null bytes")
+	}
+
+	// lgtm[go/sql-injection]
+	// Safe: Using BSON type-safe builders (bson.M) + validated inputs (null byte check above)
+	// Safe: regex uses regexp.QuoteMeta to escape special characters
 	where := bson.M{
 		"directory": string(dirPath),
 	}
@@ -294,6 +337,7 @@ func (store *MongodbStore) ListDirectoryEntries(ctx context.Context, dirPath uti
 }
 func (store *MongodbStore) Shutdown() {
-	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	defer cancel()
 	store.connect.Disconnect(ctx)
 }
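Review bot: The new `return "", fmt.Errorf("invalid path contains null bytes")` in ListDirectoryPrefixedEntries is the only one of the five new checks that omits the offending path, so a rejection here cannot be tied back to a request in the logs; `return "", fmt.Errorf("invalid path contains null bytes: %q", dirPath)` matches the other sites while keeping the NUL byte escaped rather than copied into the message. The added `// Safe: regex uses regexp.QuoteMeta …` comment vouches for code that lies beyond this hunk, so I cannot confirm it from here; placing that comment next to the regex construction it describes keeps the claim and the code together. The function body continues past the hunk.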
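Review bot: The `defer cancel()` closes the leaked context, but the error from `store.connect.Disconnect(ctx)` on the following line is still dropped, so a disconnect that fails or runs into the 10 s timeout leaves no trace at shutdown. Shutdown has no return value, so logging it is the practical option: `if err := store.connect.Disconnect(ctx); err != nil { /* log with the file's existing logger */ }`.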
