mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

avoid leaks during zip download and multi-object downloads (#3481)

Browse Source
This commit is contained in:
Harshavardhana
2024-12-03 07:47:32 +05:30
committed by GitHub
parent 0b8af385f1
commit 6afd0b16dc
6 changed files with 50 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
.github/workflows/jobs.yaml vendored
View File

@@ -22,7 +22,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -64,7 +64,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -112,7 +112,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
steps: steps:
# To build minio image, we need to clone the repository first # To build minio image, we need to clone the repository first
- name: Clone github.com/minio/minio - name: Clone github.com/minio/minio
@@ -150,7 +150,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -189,7 +189,7 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -243,7 +243,7 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -296,7 +296,7 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -348,7 +348,7 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -400,7 +400,7 @@ jobs:
timeout-minutes: 15 timeout-minutes: 15
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -448,7 +448,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -496,7 +496,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -544,7 +544,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -595,7 +595,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -648,7 +648,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -683,7 +683,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -720,7 +720,7 @@ jobs:
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
steps: steps:
- name: Check out code - name: Check out code
@@ -817,7 +817,7 @@ jobs:
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
steps: steps:
- name: Check out code - name: Check out code
@@ -867,7 +867,7 @@ jobs:
echo "replace github.com/minio/console => ../" >> go.mod echo "replace github.com/minio/console => ../" >> go.mod
echo "updates to go.mod needed; to update it: go mod tidy" echo "updates to go.mod needed; to update it: go mod tidy"
go mod tidy -compat=1.22 go mod tidy -compat=1.23
echo "Get git version to build MinIO Image"; echo "Get git version to build MinIO Image";
VERSION=`git rev-parse HEAD`; VERSION=`git rev-parse HEAD`;
@@ -901,7 +901,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -956,7 +956,7 @@ jobs:
echo "download golang x tools" echo "download golang x tools"
go mod download golang.org/x/tools go mod download golang.org/x/tools
echo "go mod tidy compat mode" echo "go mod tidy compat mode"
go mod tidy -compat=1.22 go mod tidy -compat=1.23
echo "go build gocoverage.go" echo "go build gocoverage.go"
go build gocovmerge.go go build gocovmerge.go
echo "put together the outs for final coverage resolution" echo "put together the outs for final coverage resolution"
@@ -1027,7 +1027,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1069,7 +1069,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1109,7 +1109,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1137,7 +1137,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1164,7 +1164,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1192,7 +1192,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -1220,7 +1220,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code

4
.github/workflows/vulncheck.yaml vendored
View File

@@ -19,7 +19,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: 1.22 go-version: 1.23.3
check-latest: true check-latest: true
- name: Get official govulncheck - name: Get official govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest run: go install golang.org/x/vuln/cmd/govulncheck@latest
@@ -33,7 +33,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go-version: [ 1.22 ] go-version: [ 1.23.x ]
os: [ ubuntu-latest ] os: [ ubuntu-latest ]
steps: steps:
- name: Check out code - name: Check out code

14
README.md
View File

@@ -25,21 +25,7 @@ A graphical user interface for [MinIO](https://github.com/minio/minio)
<!-- markdown-toc end --> <!-- markdown-toc end -->
## Install
MinIO Console is a library that provides a management and browser UI overlay for the MinIO Server. MinIO Console is a library that provides a management and browser UI overlay for the MinIO Server.
The standalone binary installation path has been removed.
In case a Console standalone binary is needed, it can be generated by building this package from source as follows:
### Build from source
> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
> Minimum version required is go1.22
```
go install github.com/minio/console/cmd/console@latest
```
## Setup ## Setup

18
api/user_objects.go
View File

@@ -550,10 +550,13 @@ func getDownloadFolderResponse(session *models.Principal, params objectApi.Downl
Modified: modified, Modified: modified,
}) })
if err != nil { if err != nil {
object.Close()
// Ignore errors, move to next // Ignore errors, move to next
continue continue
} }
_, err = io.Copy(f, object) _, err = io.Copy(f, object)
object.Close()
if err != nil { if err != nil {
// We have a partial object, report error. // We have a partial object, report error.
pw.CloseWithError(err) pw.CloseWithError(err)
@@ -650,14 +653,17 @@ func getMultipleFilesDownloadResponse(session *models.Principal, params objectAp
// Ignore errors, move to next // Ignore errors, move to next
continue continue
} }
modified, _ := time.Parse(time.RFC3339, obj.LastModified)
modified, _ := time.Parse(time.RFC3339, obj.LastModified)
f, err := addToZip(name, modified) f, err := addToZip(name, modified)
if err != nil { if err != nil {
object.Close()
// Ignore errors, move to next // Ignore errors, move to next
continue continue
} }
_, err = io.Copy(f, object) _, err = io.Copy(f, object)
object.Close()
if err != nil { if err != nil {
// We have a partial object, report error. // We have a partial object, report error.
pw.CloseWithError(err) pw.CloseWithError(err)
@@ -666,13 +672,14 @@ func getMultipleFilesDownloadResponse(session *models.Principal, params objectAp
} }
} else { } else {
// add selected individual object object, err := mClient.GetObject(ctx, params.BucketName, dObj, minio.GetObjectOptions{})
objectData, err := mClient.StatObject(ctx, params.BucketName, dObj, minio.StatObjectOptions{})
if err != nil { if err != nil {
// Ignore errors, move to next // Ignore errors, move to next
continue continue
} }
object, err := mClient.GetObject(ctx, params.BucketName, dObj, minio.GetObjectOptions{})
// add selected individual object
objectData, err := object.Stat()
if err != nil { if err != nil {
// Ignore errors, move to next // Ignore errors, move to next
continue continue
@@ -683,10 +690,13 @@ func getMultipleFilesDownloadResponse(session *models.Principal, params objectAp
objectName := prefixes[len(prefixes)-1] objectName := prefixes[len(prefixes)-1]
f, err := addToZip(objectName, objectData.LastModified) f, err := addToZip(objectName, objectData.LastModified)
if err != nil { if err != nil {
object.Close()
// Ignore errors, move to next // Ignore errors, move to next
continue continue
} }
_, err = io.Copy(f, object) _, err = io.Copy(f, object)
object.Close()
if err != nil { if err != nil {
// We have a partial object, report error. // We have a partial object, report error.
pw.CloseWithError(err) pw.CloseWithError(err)

6
go.mod
View File

@@ -1,6 +1,6 @@
module github.com/minio/console module github.com/minio/console
go 1.22 go 1.23
require ( require (
github.com/blang/semver/v4 v4.0.0 github.com/blang/semver/v4 v4.0.0
@@ -24,6 +24,7 @@ require (
github.com/minio/madmin-go/v3 v3.0.68 github.com/minio/madmin-go/v3 v3.0.68
github.com/minio/mc v0.0.0-20240815155011-479171e7be9c github.com/minio/mc v0.0.0-20240815155011-479171e7be9c
github.com/minio/minio-go/v7 v7.0.81-0.20241125171916-a563333c01ef github.com/minio/minio-go/v7 v7.0.81-0.20241125171916-a563333c01ef
github.com/minio/pkg/v3 v3.0.22
github.com/minio/selfupdate v0.6.0 github.com/minio/selfupdate v0.6.0
github.com/minio/websocket v1.6.0 github.com/minio/websocket v1.6.0
github.com/mitchellh/go-homedir v1.1.0 github.com/mitchellh/go-homedir v1.1.0
@@ -35,14 +36,13 @@ require (
golang.org/x/crypto v0.28.0 golang.org/x/crypto v0.28.0
golang.org/x/net v0.30.0 golang.org/x/net v0.30.0
golang.org/x/oauth2 v0.22.0 golang.org/x/oauth2 v0.22.0
// Added to include security fix for // Added to include security fix for
// https://github.com/golang/go/issues/56152 // https://github.com/golang/go/issues/56152
golang.org/x/text v0.19.0 // indirect golang.org/x/text v0.19.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect
) )
require github.com/minio/pkg/v3 v3.0.22
require ( require (
aead.dev/mem v0.2.0 // indirect aead.dev/mem v0.2.0 // indirect
aead.dev/minisign v0.3.0 // indirect aead.dev/minisign v0.3.0 // indirect

8
web-app/playwright/jobs.yaml
View File

@@ -20,7 +20,7 @@ jobs:
runs-on: [ubuntu-latest] runs-on: [ubuntu-latest]
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -44,7 +44,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -84,7 +84,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code
@@ -129,7 +129,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
matrix: matrix:
go-version: [1.22.x] go-version: [1.23.x]
os: [ubuntu-latest] os: [ubuntu-latest]
steps: steps:
- name: Check out code - name: Check out code