Stacktrace is visible for api call exceptions
Bug #869132 reported by
Stanislaw Pitucha
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Low
|
Stanislaw Pitucha |
Bug Description
Stacktrace is visible for the api users in case some internal exception occurs. This should not be possible for both user-friendliness reasons and to limit potential security problems of revealing failing component.
Changed in nova: | |
assignee: | nobody → Stanislaw Pitucha (stanislaw-pitucha) |
status: | New → In Progress |
Changed in nova: | |
importance: | Undecided → Medium |
security vulnerability: | no → yes |
Changed in nova: | |
importance: | Medium → Low |
Changed in nova: | |
milestone: | none → essex-1 |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | essex-1 → 2012.1 |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/802 github. com/openstack/ nova/commit/ 68111826afed690 76d8b09363bb119 1ecebe3b53
Committed: http://
Submitter: Jenkins
Branch: master
status fixcommitted
done
commit 68111826afed690 76d8b09363bb119 1ecebe3b53
Author: Ahmad Hassan <email address hidden>
Date: Thu Oct 6 11:16:32 2011 +0100
Capture exceptions happening in API layer
Added the faulwrapper around EC2 api so that it captures any unseen
exceptions and return a graceful error back. Also changed the openstack
exception message. The actual exception message will be printed in the
logs and would not return back the user.
Removed openstack wsgi dependency from
EC2 fault wrapper. Added unit tests for
EC2 fault wrapper
Fixes bug 869132.
Change-Id: I03d18f321f141a e96f1add99ea0b7 0e736253c89