Cinder

Bug #1463379
Comment #1

Comment 1 for bug 1463379

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-15: Fix merged to cinder (master)

Reviewed: https://review.openstack.org/194968
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=cf67960607844ef3426cae4d6e2ab96f16187b99
Submitter: Jenkins
Branch: master

commit cf67960607844ef3426cae4d6e2ab96f16187b99
Author: PranaliDeore <email address hidden>
Date: Wed Jun 17 04:49:24 2015 -0700

Validate string, integer limit for input parameter

    1. Below apis will return 500 error code on passing name or description
       parameters with more than 255 characters:
       a. consisgroup-create
       b. consisgroup-update
       c. cgsnapshot-create
       d. quota-class-update
       e. quota-update
       f. qos-create
       g. volume-manage
       h. volume-transfer

    2. Below apis will return 500 error code on passing 'hard_limit' value
       greater than mysql INT type:
       a. quota-class-update
       b. quota-update
       c. encryption-type-create

    3. Below apis accept name as string with whitespaces:
       a. consisgroup-create
       b. cgsnapshot-create
       c. qos-create
       d. volume-transfer

4. Type-key api will return 500 error code on passing key or value with
more than 255 characters.

    Added new method
    1. validate_name_and_description() in
       cinder.api.openstack.wsgi.Controller to validate length of name and
       description and returned 400 if it exceeds the limit and removing
       leading or trailing whitespaces and string containing only
       whitespaces.
    2. validate_string_length() in cinder.api.openstack.wsgi.Controller to
       validate length of string and returned 400 if it exceeds the limit.
    3. validate_integer() method in cinder.utils to validate integer
       limit and returned 400 if limit exceeds.

    APIImpact
    1. For all above apis 400 response will be returned.
    2. Earlier it was possible to pass only whitespaces or leading-trailing
       spaces to 'name' parameters and 'key' while updating key-value in
       type-key api.
       Now it will raise 400 error if only whitespaces are passed and will
       remove leading-trailing spaces if present in other cases.

    Closes-Bug: 1466351
    Closes-Bug: 1463379
    Closes-Bug: 1465967
    Change-Id: I0c0029d61ba2b293b579d1afffec0bdf062b22a8

Reviewed:  https://review.openstack.org/194968
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=cf67960607844ef3426cae4d6e2ab96f16187b99
Submitter: Jenkins
Branch:    master

commit cf67960607844ef3426cae4d6e2ab96f16187b99
Author: PranaliDeore <pranali11.deore@nttdata.com>
Date:   Wed Jun 17 04:49:24 2015 -0700

Validate string, integer limit for input parameter
    
    1. Below apis will return 500 error code on passing name or description
       parameters with more than 255 characters:
       a. consisgroup-create
       b. consisgroup-update
       c. cgsnapshot-create
       d. quota-class-update
       e. quota-update
       f. qos-create
       g. volume-manage
       h. volume-transfer
    
    2. Below apis will return 500 error code on passing 'hard_limit' value
       greater than mysql INT type:
       a. quota-class-update
       b. quota-update
       c. encryption-type-create
    
    3. Below apis accept name as string with whitespaces:
       a. consisgroup-create
       b. cgsnapshot-create
       c. qos-create
       d. volume-transfer
    
    4. Type-key api will return 500 error code on passing key or value with
       more than 255 characters.
    
    Added new method
    1. validate_name_and_description() in
       cinder.api.openstack.wsgi.Controller to validate length of name and
       description and returned 400 if it exceeds the limit and removing
       leading or trailing whitespaces and string containing only
       whitespaces.
    2. validate_string_length() in cinder.api.openstack.wsgi.Controller to
       validate length of string and returned 400 if it exceeds the limit.
    3. validate_integer() method in cinder.utils to validate integer
       limit and returned 400 if limit exceeds.
    
    APIImpact
    1. For all above apis 400 response will be returned.
    2. Earlier it was possible to pass only whitespaces or leading-trailing
       spaces to 'name' parameters and 'key' while updating key-value in
       type-key api.
       Now it will raise 400 error if only whitespaces are passed and will
       remove leading-trailing spaces if present in other cases.
    
    Closes-Bug: 1466351
    Closes-Bug: 1463379
    Closes-Bug: 1465967
    Change-Id: I0c0029d61ba2b293b579d1afffec0bdf062b22a8