500 error if custom property key is greater than 255 characters

Bug #1737952 reported by Abhishek Kekane on 2017-12-13
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Medium
Abhishek Kekane

Bug Description

While creating the image if user passes property 'key' greater than 255 characters then it fails with 500 error. Ideally it should return 400 Bad Request to the user.

Steps to reproduce:
1. Create image
glance image-create --name mySignedImage --container-format bare --disk-format qcow2 --property "abccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc"="12434" --file ~/devstack/local.conf

Output:
500 Internal Server Error: The server has either erred or is incapable of performing the requested operation. (HTTP 500)

g-api logs:
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi [None req-61ff5b17-2af5-4cf1-80d5-496ae776da25 demo demo] Caught error: (pymysql.err.DataError) (1406, u"Data too long for column 'name' at row 1") [SQL: u'INSERT INTO image_properties (created_at, updated_at, deleted_at, deleted, image_id, name, value) VALUES (%(created_at)s, %(updated_at)s, %(deleted_at)s, %(deleted)s, %(image_id)s, %(name)s, %(value)s)'] [parameters: {'name': u'abcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc ... (150 characters truncated) ... ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc', 'deleted': 0, 'created_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508041), 'updated_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508048), 'value': u'12434', 'image_id': 'e376fa83-0082-4125-a79a-60696a0e348d', 'deleted_at': None}]: DBDataError: (pymysql.err.DataError) (1406, u"Data too long for column 'name' at row 1") [SQL: u'INSERT INTO image_properties (created_at, updated_at, deleted_at, deleted, image_id, name, value) VALUES (%(created_at)s, %(updated_at)s, %(deleted_at)s, %(deleted)s, %(image_id)s, %(name)s, %(value)s)'] [parameters: {'name': u'abcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc ... (150 characters truncated) ... ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc', 'deleted': 0, 'created_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508041), 'updated_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508048), 'value': u'12434', 'image_id': 'e376fa83-0082-4125-a79a-60696a0e348d', 'deleted_at': None}]
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi Traceback (most recent call last):
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/common/wsgi.py", line 1222, in __call__
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi request, **action_args)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/common/wsgi.py", line 1261, in dispatch
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return method(*args, **kwargs)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/common/utils.py", line 363, in wrapped
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return func(self, req, *args, **kwargs)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/api/v2/images.py", line 67, in create
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi image_repo.add(image)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/domain/proxy.py", line 94, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self.base.add(base_item)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/notifier.py", line 514, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi super(ImageRepoProxy, self).add(image)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/domain/proxy.py", line 94, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self.base.add(base_item)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/api/policy.py", line 124, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return super(ImageRepoProxy, self).add(image)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/domain/proxy.py", line 94, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self.base.add(base_item)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/quota/__init__.py", line 116, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return super(ImageRepoProxy, self).add(image)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/domain/proxy.py", line 94, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self.base.add(base_item)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/location.py", line 66, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = super(ImageRepoProxy, self).add(image)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/domain/proxy.py", line 94, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self.base.add(base_item)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/__init__.py", line 181, in add
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi new_values = self.db_api.image_create(self.context, image_values)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/api.py", line 147, in image_create
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi image = _image_update(context, values, None, purge_props=False)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/retrying.py", line 49, in wrapped_f
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return Retrying(*dargs, **dkw).call(f, *args, **kw)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/retrying.py", line 206, in call
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return attempt.get(self._wrap_exception)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/retrying.py", line 247, in get
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi six.reraise(self.value[0], self.value[1], self.value[2])
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/retrying.py", line 200, in call
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi attempt = Attempt(fn(*args, **kwargs), attempt_number, False)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/common/utils.py", line 549, in wrapper
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return f(*args, **kwargs)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/api.py", line 858, in _image_update
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi session)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/common/utils.py", line 549, in wrapper
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return f(*args, **kwargs)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/api.py", line 995, in _set_properties_for_image
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi image_property_create(context, prop_values, session=session)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/api.py", line 1039, in image_property_create
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi prop = _image_property_update(context, prop_ref, values, session=session)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/api.py", line 1050, in _image_property_update
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi prop_ref.save(session=session)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/opt/stack/glance/glance/db/sqlalchemy/models.py", line 73, in save
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi super(GlanceBase, self).save(session or db_api.get_session())
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/models.py", line 50, in save
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi session.flush()
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/session.py", line 2192, in flush
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi self._flush(objects)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/session.py", line 2312, in _flush
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi transaction.rollback(_capture_exception=True)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/langhelpers.py", line 66, in __exit__
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi compat.reraise(exc_type, exc_value, exc_tb)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/session.py", line 2276, in _flush
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi flush_context.execute()
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/unitofwork.py", line 389, in execute
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi rec.execute(self)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/unitofwork.py", line 548, in execute
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi uow
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/persistence.py", line 181, in save_obj
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi mapper, table, insert)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/orm/persistence.py", line 835, in _emit_insert_statements
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi execute(statement, params)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 945, in execute
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return meth(self, multiparams, params)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/sql/elements.py", line 263, in _execute_on_connection
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi return connection._execute_clauseelement(self, multiparams, params)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1053, in _execute_clauseelement
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi compiled_sql, distilled_params
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1189, in _execute_context
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi context)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1398, in _handle_dbapi_exception
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi util.raise_from_cause(newraise, exc_info)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/compat.py", line 203, in raise_from_cause
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi reraise(type(exception), exception, tb=exc_tb, cause=cause)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1182, in _execute_context
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi context)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py", line 470, in do_execute
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi cursor.execute(statement, parameters)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/cursors.py", line 166, in execute
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result = self._query(query)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/cursors.py", line 322, in _query
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi conn.query(q)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/connections.py", line 856, in query
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi self._affected_rows = self._read_query_result(unbuffered=unbuffered)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/connections.py", line 1057, in _read_query_result
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi result.read()
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/connections.py", line 1340, in read
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi first_packet = self.connection._read_packet()
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/connections.py", line 1014, in _read_packet
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi packet.check_error()
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/connections.py", line 393, in check_error
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi err.raise_mysql_exception(self._data)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi File "/usr/lib/python2.7/site-packages/pymysql/err.py", line 107, in raise_mysql_exception
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi raise errorclass(errno, errval)
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi DBDataError: (pymysql.err.DataError) (1406, u"Data too long for column 'name' at row 1") [SQL: u'INSERT INTO image_properties (created_at, updated_at, deleted_at, deleted, image_id, name, value) VALUES (%(created_at)s, %(updated_at)s, %(deleted_at)s, %(deleted)s, %(image_id)s, %(name)s, %(value)s)'] [parameters: {'name': u'abcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc ... (150 characters truncated) ... ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc', 'deleted': 0, 'created_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508041), 'updated_at': datetime.datetime(2017, 12, 13, 11, 2, 9, 508048), 'value': u'12434', 'image_id': 'e376fa83-0082-4125-a79a-60696a0e348d', 'deleted_at': None}]
Dec 13 11:02:09 devstack <email address hidden>[20154]: ERROR glance.common.wsgi

Changed in glance:
assignee: nobody → Abhishek Kekane (abhishek-kekane)
Changed in glance:
status: New → Confirmed

Fix proposed to branch: master
Review: https://review.openstack.org/530083

Changed in glance:
status: Confirmed → In Progress
Changed in glance:
importance: Undecided → Medium
milestone: none → queens-3
Brian Rosmaita (brian-rosmaita) wrote :

It would be nice if we could upgrade our jsonschema/jsonpatch support in Rocky.

With jsonschema draft04, we can do something like this:

replace
     "additionalProperties": {"type": "string"}

with
   "patternProperties" : {
     "^.{1,255}$": {
       "type": "string",
       "maxLength": 255}
     },
    "additionalProperties": false

This would force all properties (keys) not explicitly defined in the schema to have the 255 maxlen restriction for both key and value, and it would be de facto backward compatible (because even though the current schema allows you to specify a key > 255 char, Glance does not allow you to actually do it). But I think it's too late in the cycle to try this.

Reviewed: https://review.openstack.org/530083
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=8dba796806eb6cebaa1d0a3e29e8e0584b371180
Submitter: Zuul
Branch: master

commit 8dba796806eb6cebaa1d0a3e29e8e0584b371180
Author: Abhishek Kekane <email address hidden>
Date: Tue Dec 26 09:45:53 2017 +0000

    Fix 500 if custom property name is greater than 255

    If user passes property 'key' greater than 255 characters
    then it fails with 500 error.

    Modified request deserializer to check if custom property key
    is greater than 255 characters then raise HTTPBadRequest with
    appropriate error message.

    Change-Id: I1d24ff4812315b590675452891ab4d51e8c836a2
    Closes-Bug: #1737952

Changed in glance:
status: In Progress → Fix Released

This issue was fixed in the openstack/glance 16.0.0.0b3 development milestone.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers