osd: invalid capability string can allow arbitrary access
3 - minor
Pull request ID:
Crash signature (v1):
Crash signature (v2):
If you use the cap osd 'allow rwx pool=bar', the parser will add the grant for 'allow rwx', but fail to parse the 'foo=bar' part without clearing the grants.
#1 Updated by Josh Durgin over 10 years ago
The first commit in wip-osd-caps fixes this.
#2 Updated by Josh Durgin over 10 years ago
- Target version set to v0.54a
#3 Updated by Josh Durgin over 10 years ago
- Status changed from Fix Under Review to Resolved
#4 Updated by Josh Durgin over 10 years ago
- Backport deleted (
Argonaut does not have this bug. It was introduced in a post-argonaut refactoring of OSDCaps.