From 3a63939fc9d9b1b84dd343a405c364676fe07bf4 Mon Sep 17 00:00:00 2001 From: Jeff Wendling Date: Thu, 23 Jun 2022 18:31:12 -0400 Subject: [PATCH] satellite/metabase: add defensive check on copy object - instead of closing over the outer err variable, potentially overwriting some errors or something, declare local variables. - double check that we got the number of rows we expected to get and error otherwise. this prevents a possible source of inserting bogus rows into the database. Change-Id: I30662be2727afe0a90e4215a182fedc2648d1169 --- satellite/metabase/copy_object.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/satellite/metabase/copy_object.go b/satellite/metabase/copy_object.go index a2d83dfd0..5443a7ba9 100644 --- a/satellite/metabase/copy_object.go +++ b/satellite/metabase/copy_object.go @@ -249,7 +249,7 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje `, originalObject.StreamID, originalObject.SegmentCount))(func(rows tagsql.Rows) error { index := 0 for rows.Next() { - err = rows.Scan( + err := rows.Scan( &positions[index], &expiresAts[index], &rootPieceIDs[index], @@ -263,9 +263,14 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje index++ } - if err = rows.Err(); err != nil { + if err := rows.Err(); err != nil { return err } + + if index != int(originalObject.SegmentCount) { + return Error.New("could not load all of the segment information") + } + return nil }) if err != nil {