search

awslabs / aws-c-s3

C99 library implementation for communicating with the S3 service, designed for maximizing throughput on high bandwidth EC2 instances.
Apache License 2.0
93 stars 37 forks source link

BREAKING CHANGE: operation_name must be set for DEFAULT meta-requests #439

Closed graebm closed 2 months ago

graebm commented 2 months ago

Issue:

For some operations, S3 can return an error response, despite having sent status-code 200 OK (see knowledge center)

To defend against this, aws-c-s3 checked all 200 OK responses to see if they were actually XML errors, except responses related to AWS_S3_META_REQUEST_TYPE_GET_OBJECT. We knew that operations with "streaming body" responses never did "200 Error", and what if someone did "GetObject" on an XML error message they'd uploaded to S3, LoL πŸ˜‚ haha πŸ˜‚ that would never happen πŸ˜‚.

We heard from a customer that was using AWS_S3_META_REQUEST_TYPE_DEFAULT (instead of AWS_S3_META_REQUEST_TYPE_GET_OBJECT) to send a "GetObject" request. The object was logs, and the logs began with an XML error message. Since aws-c-s3 didn't realize this was a "GetObject" request, it scanned the body of the response and mistook it for a "200 error".

Description of changes:

Users MUST set operation_name for AWS_S3_META_REQUEST_TYPE_DEFAULT. Previously, this was an optional field, but now it is required. This lets us ensure that "GetObject" operations are never checked for "200 Error", even if they were sent via AWS_S3_META_REQUEST_TYPE_DEFAULT.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.