Invalid UUID in servers rest calls causes 500s when using Postgresql

Bug #1100253 reported by Sean Dague
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Fix Released
High
Sean Dague

Bug Description

When using the Postgresql database, invalid UUIDs cause 500s because the following check in nova/compute/api.py(L1168):

    def get(self, context, instance_id):
        """Get a single instance with the given instance_id."""
        # NOTE(ameade): we still need to support integer ids for ec2
        if uuidutils.is_uuid_like(instance_id):
            instance = self.db.instance_get_by_uuid(context, instance_id)
        else:
            instance = self.db.instance_get(context, instance_id)

When an invalid, though string like, UUID is passed into this code (like a 35 or 37 alphabetic UUIDish string), we fail over to the integer version of this function. The net result id we pass a non-int value down to instance_get.

On MySQL, which is pretty type fluid, things are fine. On Postgresql, which is type strict, this generates a DataError because id='aaaaaa' is never executed, as it's a type error.

Sean Dague (sdague)
Changed in nova:
importance: Undecided → High
Sean Dague (sdague)
Changed in nova:
assignee: nobody → Sean Dague (sdague-b)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/19846

Changed in nova:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Reviewed: https://review.openstack.org/19846
Committed: http://github.com/openstack/nova/commit/5956ea0079befa7e3e5d5316213fad4d00f25652
Submitter: Jenkins
Branch: master

commit 5956ea0079befa7e3e5d5316213fad4d00f25652
Author: Sean Dague <email address hidden>
Date: Wed Jan 16 14:36:00 2013 -0500

    enforce server_id can only be uuid or int

    the get() function takes an arbitrary id coming from the rest url
    for the server. In our current code it checks if this is a proper uuid
    and sends it down the uuid path, everything else gets dispatched to
    the version that selects by integer id. This means that arbitrary
    garbage fuzzed server ids will get sent down the int path, all the way
    to the database.

    In postgresql, where the db is strongly typed, this causes a type error.
    This error was found by tempest nightly runs where we send some 35 and 37
    character strings in.

    This patch creates and equivalent is_int_like function. If the server_id
    is neither uuid_like nor int_like, we throw the InstanceNotFound exception
    early. This also saves us a trip to the database in these cases.

    Make the is_int_like a little more robust, and don't succeed on floats

    Once more with feeling, to let us actually use is_int_like on ints, not
    just strings.

    Fixes bug #1100253

    Change-Id: If4ae8005fd33a23ac50a6408ecd5933a2ff6425c

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in nova:
milestone: none → grizzly-3
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in nova:
milestone: grizzly-3 → 2013.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.