From: Christian Ebner <c.ebner@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox v11 3/4] s3 client: Add missing S3 object key max length check
Date: Tue, 22 Jul 2025 12:10:19 +0200 [thread overview]
Message-ID: <20250722101106.526438-4-c.ebner@proxmox.com> (raw)
In-Reply-To: <20250722101106.526438-1-c.ebner@proxmox.com>
S3 object keys are limited to 1024 bytes, including the path
components and separating slashes in addition to the filename.
Check the length when creating the key from a string.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Hannes Laimer <h.laimer@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Hannes Laimer <h.laimer@proxmox.com>
---
changes since version 10:
- no changes
proxmox-s3-client/examples/s3_client.rs | 4 ++--
proxmox-s3-client/src/object_key.rs | 26 ++++++++++++++++++-------
2 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/proxmox-s3-client/examples/s3_client.rs b/proxmox-s3-client/examples/s3_client.rs
index c65ceb83..1cbb3939 100644
--- a/proxmox-s3-client/examples/s3_client.rs
+++ b/proxmox-s3-client/examples/s3_client.rs
@@ -46,7 +46,7 @@ async fn run() -> Result<(), anyhow::Error> {
// Check if the bucket can be accessed
s3_client.head_bucket().await?;
- let rel_object_key = S3ObjectKey::from("object.txt");
+ let rel_object_key = S3ObjectKey::try_from("object.txt")?;
let body = proxmox_http::Body::empty();
let replace_existing_key = true;
let _response = s3_client
@@ -63,7 +63,7 @@ async fn run() -> Result<(), anyhow::Error> {
.await?;
// Delete a single object
- let rel_object_key = S3ObjectKey::from("object.txt");
+ let rel_object_key = S3ObjectKey::try_from("object.txt")?;
let _response = s3_client.delete_object(rel_object_key).await?;
Ok(())
}
diff --git a/proxmox-s3-client/src/object_key.rs b/proxmox-s3-client/src/object_key.rs
index 49959b6e..327e8ac7 100644
--- a/proxmox-s3-client/src/object_key.rs
+++ b/proxmox-s3-client/src/object_key.rs
@@ -1,4 +1,8 @@
-use anyhow::Error;
+use anyhow::{bail, Error};
+
+/// Byte limit for s3 object keys.
+/// See https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html
+const S3_OBJECT_KEY_MAX_LENGTH: usize = 1024;
#[derive(Clone, Debug)]
/// S3 Object Key
@@ -9,13 +13,21 @@ pub enum S3ObjectKey {
Relative(String),
}
-impl core::convert::From<&str> for S3ObjectKey {
- fn from(s: &str) -> Self {
- if let Some(s) = s.strip_prefix("/") {
- Self::Full(s.to_string())
+impl core::convert::TryFrom<&str> for S3ObjectKey {
+ type Error = Error;
+
+ fn try_from(s: &str) -> Result<Self, Error> {
+ let (key, key_byte_length) = if let Some(s) = s.strip_prefix("/") {
+ (Self::Full(s.to_string()), s.as_bytes().len())
} else {
- Self::Relative(s.to_string())
+ (Self::Relative(s.to_string()), s.as_bytes().len())
+ };
+ if key_byte_length > S3_OBJECT_KEY_MAX_LENGTH {
+ bail!(
+ "Object key length of {key_byte_length} exceeds limit of {S3_OBJECT_KEY_MAX_LENGTH}",
+ );
}
+ Ok(key)
}
}
impl S3ObjectKey {
@@ -56,7 +68,7 @@ impl std::str::FromStr for S3ObjectKey {
type Err = Error;
fn from_str(s: &str) -> Result<Self, Self::Err> {
- Ok(Self::from(s))
+ Self::try_from(s)
}
}
--
2.47.2
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2025-07-22 10:11 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-22 10:10 [pbs-devel] [PATCH proxmox{, -backup} v11 00/50] fix #2943: S3 storage backend for datastores Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox v11 1/4] pbs-api-types: extend datastore config by backend config enum Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox v11 2/4] pbs-api-types: maintenance: add new maintenance mode S3 refresh Christian Ebner
2025-07-22 10:10 ` Christian Ebner [this message]
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox v11 4/4] s3 client: merge secrets config with client config Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 01/46] datastore: add helpers for path/digest to s3 object key conversion Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 02/46] config: introduce s3 object store client configuration Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 03/46] api: config: implement endpoints to manipulate and list s3 configs Christian Ebner
2025-07-22 12:18 ` Lukas Wagner
2025-07-22 12:32 ` Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 04/46] api: datastore: check s3 backend bucket access on datastore create Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 05/46] api/cli: add endpoint and command to check s3 client connection Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 06/46] datastore: allow to get the backend for a datastore Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 07/46] api: backup: store datastore backend in runtime environment Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 08/46] api: backup: conditionally upload chunks to s3 object store backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 09/46] api: backup: conditionally upload blobs " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 10/46] api: backup: conditionally upload indices " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 11/46] api: backup: conditionally upload manifest " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 12/46] api: datastore: conditionally upload client log to s3 backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 13/46] sync: pull: conditionally upload content " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 14/46] api: reader: fetch chunks based on datastore backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 15/46] datastore: local chunk reader: read chunks based on backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 16/46] verify worker: add datastore backed to verify worker Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 17/46] verify: implement chunk verification for stores with s3 backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 18/46] datastore: create namespace marker in " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 19/46] datastore: create/delete protected marker file on s3 storage backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 20/46] datastore: prune groups/snapshots from s3 object store backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 21/46] datastore: get and set owner for s3 " Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 22/46] datastore: implement garbage collection for s3 backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 23/46] ui: add datastore type selector and reorganize component layout Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 24/46] ui: add s3 client edit window for configuration create/edit Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 25/46] ui: add s3 client view for configuration Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 26/46] ui: expose the s3 client view in the navigation tree Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 27/46] ui: add s3 client selector and bucket field for s3 backend setup Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 28/46] tools: lru cache: add removed callback for evicted cache nodes Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 29/46] tools: async lru cache: implement insert, remove and contains methods Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 30/46] datastore: add local datastore cache for network attached storages Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 31/46] api: backup: use local datastore cache on s3 backend chunk upload Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 32/46] api: reader: use local datastore cache on s3 backend chunk fetching Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 33/46] datastore: local chunk reader: get cached chunk from local cache store Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 34/46] backup writer: refactor parameters into backup writer options struct Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 35/46] api: backup: add no-cache flag to bypass local datastore cache Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 36/46] api/datastore: implement refresh endpoint for stores with s3 backend Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 37/46] cli: add dedicated subcommand for datastore s3 refresh Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 38/46] ui: render s3 refresh as valid maintenance type and task description Christian Ebner
2025-07-22 10:10 ` [pbs-devel] [PATCH proxmox-backup v11 39/46] ui: expose s3 refresh button for datastores backed by object store Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 40/46] datastore: conditionally upload atime marker chunk to s3 backend Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 41/46] bin: implement client subcommands for s3 configuration manipulation Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 42/46] bin: expose reuse-datastore flag for proxmox-backup-manager Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 43/46] datastore: mark store as in-use by setting marker on s3 backend Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 44/46] datastore: run s3-refresh when reusing a datastore with " Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 45/46] api/ui: add flag to allow overwriting in-use marker for " Christian Ebner
2025-07-22 10:11 ` [pbs-devel] [PATCH proxmox-backup v11 46/46] docs: Add section describing how to setup s3 backed datastore Christian Ebner
2025-07-22 20:25 ` [pbs-devel] applied: [PATCH proxmox{, -backup} v11 00/50] fix #2943: S3 storage backend for datastores Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250722101106.526438-4-c.ebner@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox