Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rework multipart handling without tree service #1087

Draft
wants to merge 11 commits into
base: master
Choose a base branch
from
Draft

Rework multipart handling without tree service #1087

wants to merge 11 commits into from

Conversation

smallhive
Copy link
Contributor

No description provided.

@smallhive
*: Remove errorsStd prefix for core errors package
5554012 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/aws/aws-sdk-go v1.55.5 => v1.55.6
2819d9e 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/nspcc-dev/neo-go v0.107.0 => v0.108.1
9a3eb7f 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/nspcc-dev/neofs-contract v0.20.0 => v0.21.0
f480347 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/prometheus/client_golang v1.20.2 => v1.21.0
bdd8bf0 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/spf13/pflag v1.0.5 => v1.0.6
31242a5 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
go.mod: Upgraded github.com/urfave/cli/v2
f300122 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
layer: Mark slot object with object type
50bf012 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
*: Remove tree service usage for multipart
83d7336 
Closes #1068.

Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
*: Remove unused in tree service
b036912 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
@smallhive
layer: Fix tests
5ea093b 
Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 28, 2025
View reviewed changes
api/layer/multipart_upload.go
maxKeys = 1000
}

opts.SetCount(uint32(maxKeys))

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types High

Incorrect conversion of an integer with architecture-dependent bit size from
strconv.Atoi
Loading
to a lower bit size type uint32 without an upper bound check.

Copilot Autofix AI 2 days ago

Copilot could not generate an autofix suggestion

Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.

api/layer/multipart_upload.go
}

if copies, err := strconv.ParseUint(payloadMap[metaKeyMultipartCopiesNumber], 10, 64); err == nil {
multipartInfo.CopiesNumber = uint32(copies)

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types High

Incorrect conversion of an unsigned 64-bit integer from
strconv.ParseUint
Loading
to a lower bit size type uint32 without an upper bound check.

Copilot Autofix AI 2 days ago

To fix the problem, we need to add an upper bound check to ensure that the value parsed from the string fits within the uint32 range before converting it. This can be done by comparing the parsed uint64 value against the maximum value of uint32 (math.MaxUint32). If the value exceeds this limit, we should handle it appropriately, such as by returning an error or using a default value.

Suggested changeset 1
api/layer/multipart_upload.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/api/layer/multipart_upload.go b/api/layer/multipart_upload.go
--- a/api/layer/multipart_upload.go
+++ b/api/layer/multipart_upload.go
@@ -17,2 +17,3 @@
 	"strconv"
+	"math"
 	"strings"
@@ -902,2 +903,5 @@
 	if copies, err := strconv.ParseUint(payloadMap[metaKeyMultipartCopiesNumber], 10, 64); err == nil {
+		if copies > math.MaxUint32 {
+			return data.MultipartInfo{}, fmt.Errorf("copies number exceeds uint32 limit: %d", copies)
+		}
 		multipartInfo.CopiesNumber = uint32(copies)
EOF
@@ -17,2 +17,3 @@
"strconv"
"math"
"strings"
@@ -902,2 +903,5 @@
if copies, err := strconv.ParseUint(payloadMap[metaKeyMultipartCopiesNumber], 10, 64); err == nil {
if copies > math.MaxUint32 {
return data.MultipartInfo{}, fmt.Errorf("copies number exceeds uint32 limit: %d", copies)
}
multipartInfo.CopiesNumber = uint32(copies)
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roman-khimov roman-khimov Awaiting requested review from roman-khimov roman-khimov will be requested when the pull request is marked ready for review roman-khimov is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@smallhive