S3: buffer overflow for long access key
Connecting to a MinIO (S3-compatible) server via the S3 protocol does not work in certain conditions, because there seems to be a buffer overflow in WinSCP which causes invalid headers to be sent.
WinSCP sends this header:
Authorization: AWS4-HMAC-SHA256 Credential=__ACCESS_KEY__/st01/s3/aws4_reque__SIGN__,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=__SIGN__
a valid header would look like this:
Authorization: AWS4-HMAC-SHA256 Credential=__ACCESS_KEY__/20201016/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=__SIGN__
So the Credential value sent is truncated and also includes the signature (most probably because of a buffer overflow, because it works when using shorter access keys).
Access key and secret key length is 64 characters each in this case.
//edit: looks like key-length is hardcoded to 32 (!)
https://github.com/winscp/winscp/blob/83ef71faa26704532f19048da86ed4c7cbb64694/libs/libs3/inc/util.h#L74
https://github.com/winscp/winscp/pull/15
WinSCP 5.17.8 b10803 on Win10 1909
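
The following is an added example, not code from WinSCP or libs3. It shows the class of defect described above: a SigV4 credential scope formatted into a buffer planned around a 32-character access key, next to a length-checked variant and one sized from the input. All names and buffer sizes are hypothetical, and the 64-character key is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical sizes for this example: a buffer planned around a 32-char key. */
#define MAX_KEY_LEN    32
#define MAX_REGION_LEN 32
#define CRED_BUF_LEN   (MAX_KEY_LEN + 1 + 8 + 1 + MAX_REGION_LEN + sizeof("/s3/aws4_request"))
#define CRED_FMT       "%s/%s/%s/s3/aws4_request"

/* Weak: ignores snprintf's return value, so an oversized key is cut silently. */
size_t credential_unchecked(char *out, size_t out_len, const char *key,
                            const char *date, const char *region)
{
    snprintf(out, out_len, CRED_FMT, key, date, region);
    return strlen(out);
}

/* Checked: refuses to produce a credential scope that does not fit. */
int credential_checked(char *out, size_t out_len, const char *key,
                       const char *date, const char *region)
{
    int n = snprintf(out, out_len, CRED_FMT, key, date, region);
    if (n < 0 || (size_t)n >= out_len) {
        if (out_len > 0) out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Sized from the input: measure first, then allocate. Caller frees. */
char *credential_alloc(const char *key, const char *date, const char *region)
{
    int n = snprintf(NULL, 0, CRED_FMT, key, date, region);
    if (n < 0) return NULL;
    char *out = malloc((size_t)n + 1);
    if (out) snprintf(out, (size_t)n + 1, CRED_FMT, key, date, region);
    return out;
}

int main(void)
{
    char key64[65], buf[CRED_BUF_LEN];
    memset(key64, 'A', 64); key64[64] = '\0';   /* constructed 64-char access key */
    credential_unchecked(buf, sizeof buf, key64, "20201016", "us-east-1");
    printf("unchecked: %s\n", buf);
    printf("checked:   %d\n", credential_checked(buf, sizeof buf, key64, "20201016", "us-east-1"));
    char *ok = credential_alloc(key64, "20201016", "us-east-1");
    printf("allocated: %s\n", ok ? ok : "(alloc failed)");
    free(ok);
    return 0;
}
```

The unchecked variant yields a scope that no longer ends in `aws4_request`, which a server rejects as a malformed Authorization header; the checked variant turns the same input into an explicit error before anything is sent.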