gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

s3tables: Validate bucket name in parseBucketNameFromARN()

Browse Source 
Enforce the same bucket name validation rules (length, characters, reserved
prefixes/suffixes) when extracting from ARN. This prevents accepting ARNs
that the system would never create and ensures consistency with
CreateTableBucket validation.
This commit is contained in:
Chris Lu
2026-01-28 16:20:49 -08:00
parent b1d7f3d6e8
commit fb4fb8b082
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
weed/s3api/s3tables/utils.go
View File

@@ -30,7 +30,11 @@ func parseBucketNameFromARN(arn string) (string, error) {
if len(matches) != 2 { if len(matches) != 2 {
return "", fmt.Errorf("invalid bucket ARN: %s", arn) return "", fmt.Errorf("invalid bucket ARN: %s", arn)
} }
return matches[1], nil bucketName := matches[1]
if !isValidBucketName(bucketName) {
return "", fmt.Errorf("invalid bucket name in ARN: %s", bucketName)
}
return bucketName, nil
} }
// parseTableFromARN extracts bucket name, namespace, and table name from ARN // parseTableFromARN extracts bucket name, namespace, and table name from ARN