Cue

cue worker vulnerable if cluster size is too large

Bug #1427894 reported by Davide Agnello on 2015-03-03
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Cue
Critical
Davide Agnello

Bug Description

Currently, the Cue API/Worker does not verify any limits on size of cluster being constructed. This makes Cue worker instances vulnerable to DOS attacks if an unrealistic cluster size is provided. The worker will attempt to build and execute a new work flow (TaskFlow) with any provided cluster size value.

Changed in cue:
importance: Undecided → Critical
Changed in cue:
assignee: nobody → Davide Agnello (dagnello)
Changed in cue:
status: New → In Progress

Reviewed: https://review.openstack.org/167806
Committed: https://git.openstack.org/cgit/stackforge/cue/commit/?id=33876924f749188eca4deaa4adfd4c60c5e78cef
Submitter: Jenkins
Branch: master

commit 33876924f749188eca4deaa4adfd4c60c5e78cef
Author: dagnello <email address hidden>
Date: Wed Mar 25 14:28:50 2015 -0700

    Cap maximum number of nodes in a cluster

    * Max limit configurable in cue.conf
    * Cue API post request (create cluster) will validate size is
      within this limit
    * Added API test for cluster creation higher than limit is rejected.

    closes-bug: 1427894

    Change-Id: I7e979b22c519df83a44699bac3d45d2a3802f2f7

Changed in cue:
status: In Progress → Fix Committed
Vipul Sabhaya (vipuls) on 2015-11-11
Changed in cue:
milestone: none → 1.0.0
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers