Failed to set image property. Invalid input for field/attribute simplestreams_metadata. Value: ... is too long (HTTP 400)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Low
|
Jorge Merlino | ||
Ubuntu Cloud Archive |
Fix Released
|
Undecided
|
Unassigned | ||
Antelope |
Triaged
|
Undecided
|
Jorge Merlino | ||
Bobcat |
Fix Released
|
Undecided
|
Jorge Merlino | ||
Caracal |
Fix Released
|
Undecided
|
Unassigned | ||
Yoga |
Fix Released
|
Undecided
|
Jorge Merlino | ||
Zed |
Won't Fix
|
Undecided
|
Unassigned | ||
cinder (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Jorge Merlino | ||
Mantic |
Fix Released
|
Undecided
|
Jorge Merlino | ||
Noble |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Cinder does not allow setting volume metadata properties with values longer that 255 characters. Glance does allow values of up to 65536 bytes and a volume created from an image with metadata larger than 255 characters will keep that longer value in Cinder (the Cinder database field is long enough to hold it). The problem is that Cinder would not let a longer value to be set after the volume has been created.
This is inconsistent and generates issues in backup services that expect to be able to set metadata values to the same value the volume had before.
[Test Plan]
Create a volume:
openstack volume create test_vol --size 1
Try to set a property with a long value:
openstack volume set test_vol --image-property longprop=
This should return an error like:
Invalid input for field/attribute longprop. Value: 123456789012345...' is too long (HTTP 400) (Request-ID: req-69875caf-
Update cinder to this SRU version and run the volume set command again. It should work and return nothing.
[Where problems could occur]
The patch just changes the validation for the metadata length. It includes several tests of border cases. Worst case could be that it would not allow setting a metadata value that was allowed before but as the check has been changed to increase the value size that is unlikely.
CVE References
Changed in cinder: | |
importance: | Undecided → Wishlist |
status: | New → Incomplete |
tags: | added: metadata |
Changed in cinder: | |
assignee: | nobody → Jorge Merlino (jorge-merlino) |
no longer affects: | cinder (Ubuntu) |
Changed in cinder (Ubuntu Noble): | |
status: | New → Fix Released |
description: | updated |
tags: |
added: verification-done-mantic removed: verification-failed-mantic |
Dear Diko Parvanov,
From the logs, I can see that you are using the cinder client and the error looks like this:
RESP BODY: {"badRequest": {"code": 400, "message": "Invalid input for field/attribute simplestreams_ metadata. Value: {\"aliases\": \"20.04, default, f,focal, lts,ubuntu\ ", \"arch\": \"amd64\", \"ftype\": \"disk1.img\", \"label\": \"release\", \"md5\": \"8646f69a6814e d96e27de0a1be11 20a4\", \"os\": \"ubuntu\", \"pubname\": \"ubuntu- focal-20. 04-amd64- server- 20201111\ ", \"release\": \"focal\", \"release_ codename\ ": \"Focal Fossa\", \"release_title\": \"20.04 LTS\", \"sha256\": \"151e5e797dc01 31c4a1a41b76dac 34c551389be67e6 b551ab18c36026c 420e6a\ ", \"size\": \"546570752\", \"support_eol\": \"2025-04-23\", \"supported\": \"True\", \"version\": \"20.04\"}. '{\"aliases\": \"20.04, default, f,focal, lts,ubuntu\ ", \"arch\": \"amd64\", \"ftype\": \"disk1.img\", \"label\": \"release\", \"md5\": \"8646f69a6814e d96e27de0a1be11 20a4\", \"os\": \"ubuntu\", \"pubname\": \"ubuntu- focal-20. 04-amd64- server- 20201111\ ", \"release\": \"focal\", \"release_ codename\ ": \"Focal Fossa\", \"release_title\": \"20.04 LTS\", \"sha256\": \"151e5e797dc01 31c4a1a41b76dac 34c551389be67e6 b551ab18c36026c 420e6a\ ", \"size\": \"546570752\", \"support_eol\": \"2025-04-23\", \"supported\": \"True\", \"version\": \"20.04\"}' is too long"}} 172.22. 8.3:8776/ v3/74833ea5ad9e 4d1db5698037745 47fc7/volumes/ 82449828- aa1e-468c- bfe8-ed79514fd9 f7/action used request id req-5e6c7ce5- b5bc-445f- 9b59-9946845e1a 0b metadata. Value: {"aliases": "20.04, default, f,focal, lts,ubuntu" , "arch": "amd64", "ftype": "disk1.img", "label": "release", "md5": "8646f69a6814ed 96e27de0a1be112 0a4", "os": "ubuntu", "pubname": "ubuntu- focal-20. 04-amd64- server- 20201111" , "release": "focal", "release_codename": "Focal Fossa", "release_title": "20.04 LTS", "sha256": "151e5e797dc013 1c4a1a41b76dac3 4c551389be67e6b 551ab18c36026c4 20e6a", "size": "546570752", "support_eol": "2025-04-23", "supported": "True", "version": "20.04"}. '{"aliases": "20.04, default, f,focal, lts,ubuntu" , "arch": "amd64", "ftype": "disk1.img", "label": "release", "md5": "8646f69a6814ed 96e27de0a1be112 0a4", "os": "ubuntu", "pubname": "ubuntu- focal-20. 04-amd64- server- 20201111" , "release": "focal", "release_codename": "Focal Fossa", "release_title": "20.04 LTS", "sha256": "151e5e797dc013 1c4a1a41b76dac3 4c551389be67e6b 551ab18c36026c4 20e6a", "size": "546570752", "support_eol": "2025-04-23", "supported": "True", "version": "20.04"}' is too long (HTTP 400) (Request-ID: req-5e6c7ce5- b5bc-445f- 9b59-9946845e1a 0b)
POST call to volumev3 for http://
Failed to set image property: Invalid input for field/attribute simplestreams_
Would you mind sharing the next information with us so the cinder team can reproduce the problem:
- Would you mind sharing an input sample to reproduce this without simplestream and check if this is a cinder problem or a simplestream feature problem?
- Steps to reproduce this. What command are you using to update the metadata?
- Cinder Version
Best Regards
Sofia