Barbican

Secret PUT fails with a 500 error

Bug #1315498 reported by Douglas Mendizábal
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Critical
Douglas Mendizábal
Barbican 2014.2 "juno"

Bug Description

During a Secret PUT with Content-Type: application/octet-stream, Barbican attempts to decode the binary data to UTF-8. This throws an exception when the binary data contains bits that do not represent a UTF-8 code point.

Douglas Mendizábal (dougmendizabal)
Changed in barbican:
status: New → Confirmed
importance: Undecided → Critical
assignee: nobody → Douglas Mendizabal (dougmendizabal)
milestone: none → juno-1
Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote : Fix proposed to barbican (master)

Fix proposed to branch: master
Review: https://review.openstack.org/91874

Changed in barbican:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (master)

Reviewed: https://review.openstack.org/91874
Committed: https://git.openstack.org/cgit/stackforge/barbican/commit/?id=7699eeb2ec2e38389f421e145c4d112cd918c7cf
Submitter: Jenkins
Branch: master

commit 7699eeb2ec2e38389f421e145c4d112cd918c7cf
Author: Douglas Mendizabal <email address hidden>
Date: Fri May 2 14:25:10 2014 -0500

    Fix a bug with handling of binary data

    When checking the length of the data in a request, Barbican assumes
    that data is UTF-8 encoded strings. Barbican then attempts to
    decode all data from UTF-8 to byte strings, which results in an
    exception when the data does not conform to UTF-8.

    This CR also adds the six library as a dependency to add type checking
    that is compatible in both Python 2 and 3.

    Change-Id: I3e937998c3bd4d5fbe94c89099ba56c26dbb75b7
    Closes-Bug: #1315498

Changed in barbican:
status: In Progress → Fix Committed
John Wood (john-wood-w)
Changed in barbican:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: juno-1 → 2014.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.