[pbs-devel] [PATCH proxmox v10 3/3] s3 client: Add missing S3 object key max length check

[Christian Ebner]

S3 object keys are limited to 1024 bytes, including the path
components and separating slashes in addition to the filename.

Check the length when creating the key from a string.

Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---
changes since version 9:
- not present in previous version

 proxmox-s3-client/examples/s3_client.rs |  4 ++--
 proxmox-s3-client/src/object_key.rs     | 26 ++++++++++++++++++-------
 2 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/proxmox-s3-client/examples/s3_client.rs b/proxmox-s3-client/examples/s3_client.rs
index c65ceb83..1cbb3939 100644
--- a/proxmox-s3-client/examples/s3_client.rs
+++ b/proxmox-s3-client/examples/s3_client.rs
@@ -46,7 +46,7 @@ async fn run() -> Result<(), anyhow::Error> {
     // Check if the bucket can be accessed
     s3_client.head_bucket().await?;
 
-    let rel_object_key = S3ObjectKey::from("object.txt");
+    let rel_object_key = S3ObjectKey::try_from("object.txt")?;
     let body = proxmox_http::Body::empty();
     let replace_existing_key = true;
     let _response = s3_client
@@ -63,7 +63,7 @@ async fn run() -> Result<(), anyhow::Error> {
         .await?;
 
     // Delete a single object
-    let rel_object_key = S3ObjectKey::from("object.txt");
+    let rel_object_key = S3ObjectKey::try_from("object.txt")?;
     let _response = s3_client.delete_object(rel_object_key).await?;
     Ok(())
 }
diff --git a/proxmox-s3-client/src/object_key.rs b/proxmox-s3-client/src/object_key.rs
index 49959b6e..327e8ac7 100644
--- a/proxmox-s3-client/src/object_key.rs
+++ b/proxmox-s3-client/src/object_key.rs
@@ -1,4 +1,8 @@
-use anyhow::Error;
+use anyhow::{bail, Error};
+
+/// Byte limit for s3 object keys.
+/// See https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html
+const S3_OBJECT_KEY_MAX_LENGTH: usize = 1024;
 
 #[derive(Clone, Debug)]
 /// S3 Object Key
@@ -9,13 +13,21 @@ pub enum S3ObjectKey {
     Relative(String),
 }
 
-impl core::convert::From<&str> for S3ObjectKey {
-    fn from(s: &str) -> Self {
-        if let Some(s) = s.strip_prefix("/") {
-            Self::Full(s.to_string())
+impl core::convert::TryFrom<&str> for S3ObjectKey {
+    type Error = Error;
+
+    fn try_from(s: &str) -> Result<Self, Error> {
+        let (key, key_byte_length) = if let Some(s) = s.strip_prefix("/") {
+            (Self::Full(s.to_string()), s.as_bytes().len())
         } else {
-            Self::Relative(s.to_string())
+            (Self::Relative(s.to_string()), s.as_bytes().len())
+        };
+        if key_byte_length > S3_OBJECT_KEY_MAX_LENGTH {
+            bail!(
+                "Object key length of {key_byte_length} exceeds limit of {S3_OBJECT_KEY_MAX_LENGTH}",
+            );
         }
+        Ok(key)
     }
 }
 impl S3ObjectKey {
@@ -56,7 +68,7 @@ impl std::str::FromStr for S3ObjectKey {
     type Err = Error;
 
     fn from_str(s: &str) -> Result<Self, Self::Err> {
-        Ok(Self::from(s))
+        Self::try_from(s)
     }
 }
 
-- 
2.47.2