Validate string, integer limit for input parameter
1. Below apis will return 500 error code on passing name or description
parameters with more than 255 characters:
a. consisgroup-create
b. consisgroup-update
c. cgsnapshot-create
d. quota-class-update
e. quota-update
f. qos-create
g. volume-manage
h. volume-transfer
2. Below apis will return 500 error code on passing 'hard_limit' value
greater than mysql INT type:
a. quota-class-update
b. quota-update
c. encryption-type-create
3. Below apis accept name as string with whitespaces:
a. consisgroup-create
b. cgsnapshot-create
c. qos-create
d. volume-transfer
4. Type-key api will return 500 error code on passing key or value with
more than 255 characters.
Added new method
1. validate_name_and_description() in cinder.api.openstack.wsgi.Controller to validate length of name and
description and returned 400 if it exceeds the limit and removing
leading or trailing whitespaces and string containing only
whitespaces.
2. validate_string_length() in cinder.api.openstack.wsgi.Controller to
validate length of string and returned 400 if it exceeds the limit.
3. validate_integer() method in cinder.utils to validate integer
limit and returned 400 if limit exceeds.
APIImpact
1. For all above apis 400 response will be returned.
2. Earlier it was possible to pass only whitespaces or leading-trailing
spaces to 'name' parameters and 'key' while updating key-value in
type-key api.
Now it will raise 400 error if only whitespaces are passed and will
remove leading-trailing spaces if present in other cases.
Reviewed: https:/ /review. openstack. org/194968 /git.openstack. org/cgit/ openstack/ cinder/ commit/ ?id=cf679606078 44ef3426cae4d6e 2ab96f16187b99
Committed: https:/
Submitter: Jenkins
Branch: master
commit cf67960607844ef 3426cae4d6e2ab9 6f16187b99
Author: PranaliDeore <email address hidden>
Date: Wed Jun 17 04:49:24 2015 -0700
Validate string, integer limit for input parameter
1. Below apis will return 500 error code on passing name or description
parameters with more than 255 characters:
a. consisgroup-create
b. consisgroup-update
c. cgsnapshot-create
d. quota-class-update
e. quota-update
f. qos-create
g. volume-manage
h. volume-transfer
2. Below apis will return 500 error code on passing 'hard_limit' value type-create
greater than mysql INT type:
a. quota-class-update
b. quota-update
c. encryption-
3. Below apis accept name as string with whitespaces:
a. consisgroup-create
b. cgsnapshot-create
c. qos-create
d. volume-transfer
4. Type-key api will return 500 error code on passing key or value with
more than 255 characters.
Added new method name_and_ description( ) in
cinder. api.openstack. wsgi.Controller to validate length of name and string_ length( ) in cinder. api.openstack. wsgi.Controller to
1. validate_
description and returned 400 if it exceeds the limit and removing
leading or trailing whitespaces and string containing only
whitespaces.
2. validate_
validate length of string and returned 400 if it exceeds the limit.
3. validate_integer() method in cinder.utils to validate integer
limit and returned 400 if limit exceeds.
APIImpact
1. For all above apis 400 response will be returned.
2. Earlier it was possible to pass only whitespaces or leading-trailing
spaces to 'name' parameters and 'key' while updating key-value in
type-key api.
Now it will raise 400 error if only whitespaces are passed and will
remove leading-trailing spaces if present in other cases.
Closes-Bug: 1466351 93b579d1afffec0 bdf062b22a8
Closes-Bug: 1463379
Closes-Bug: 1465967
Change-Id: I0c0029d61ba2b2