file storage backend: Spuriously deletes storage keys ending with .temp #23135

maxb · 2023-09-17T08:57:01Z

I happened to browse the diff of #15946 when it was mentioned in another issue.

I immediately spotted a defect in the code.

It uses ".temp" as a suffix for temporary files without caring whether that temporary file name will accidentally collide with a legitimate other storage entry...

$ vault secrets enable kv
Success! Enabled the kv secrets engine at: kv/
$ vault write kv/example.temp foo=bar
Success! Data written to: kv/example.temp
$ vault list kv
Keys
----
example.temp
$ vault write kv/example foo=bar
Success! Data written to: kv/example
$ vault list kv
Keys
----
example

kv/example.temp was unexpectedly overwritten by writing to kv/example !!!

The text was updated successfully, but these errors were encountered:

hghaf099 added bug Used to indicate a potential bug core/seal labels Sep 18, 2023

raskchanky added core/storage and removed core/seal labels Sep 19, 2023

hghaf099 added the reproduced This issue has been reproduced by a Vault engineer label Feb 5, 2024

hghaf099 mentioned this issue Feb 13, 2024

vault-23135 - fix modify storage keys ending with .temp causes overwr… #25395

Merged

hghaf099 closed this as completed Feb 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

file storage backend: Spuriously deletes storage keys ending with .temp #23135

file storage backend: Spuriously deletes storage keys ending with .temp #23135

maxb commented Sep 17, 2023

file storage backend: Spuriously deletes storage keys ending with .temp #23135

file storage backend: Spuriously deletes storage keys ending with .temp #23135

Comments

maxb commented Sep 17, 2023