ripplehang commented on code in PR #43601:
URL: https://github.com/apache/arrow/pull/43601#discussion_r1738408973
##########
cpp/src/arrow/filesystem/util_internal.cc:
##########
@@ -260,6 +263,44 @@ Result<FileInfoVector> GlobFiles(const
std::shared_ptr<FileSystem>& filesystem,
return out;
}
+bool CalculateSSECKeyMD5(const std::string& base64_encoded_key, std::string&
md5_result,
+ int expect_input_key_size) {
+ if (base64_encoded_key.size() < 2) {
+ return false;
+ }
+ // Check if the string contains only valid Base64 characters
+ for (char c : base64_encoded_key) {
+ if (!std::isalnum(c) && c != '+' && c != '/' && c != '=') {
+ return false;
+ }
+ }
+
+ // Decode the Base64-encoded key to get the raw binary key
+ Aws::Utils::ByteBuffer rawKey =
+ Aws::Utils::HashingUtils::Base64Decode(base64_encoded_key);
Review Comment:
From
https://github.com/aws/aws-sdk-cpp/blob/ac2da09e6930e3988d1289717e2df5d4b7408f17/src/aws-cpp-sdk-core/source/utils/base64/Base64.cpp#L91-L121,
seems this aws util API didn't validate the input properly,but directly
calculate the output size and allocate the buffer, so i add the check to ensure
every character is the valid character here.
Meanwhile, I also add the related Unit test for the CalculateSSECKeyMD5 to
test the different input value.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
