Ironic

Ports subcontroller doesn't properly handle incorrect node names

Bug #1619235 reported by Vladyslav Drok
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ironic
Triaged
Low
Vladyslav Drok

Bug Description

Here is what happens if an invalid node identifier is passed, in this case 1234~1234~1234:

2016-08-31 17:10:57.806 27972 INFO eventlet.wsgi.server [-] Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/eventlet/wsgi.py", line 481, in handle_one_response
    result = self.application(self.environ, start_response)
  File "/opt/stack/new/ironic/ironic/api/app.py", line 101, in __call__
    return self.v1(environ, start_response)
  File "/usr/local/lib/python2.7/dist-packages/webob/dec.py", line 130, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/local/lib/python2.7/dist-packages/webob/dec.py", line 195, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/oslo_middleware/base.py", line 126, in __call__
    response = req.get_response(self.application)
  File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line 1299, in send
    application, catch_exc_info=False)
  File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line 1263, in call_application
    app_iter = application(self.environ, start_response)
  File "/opt/stack/new/ironic/ironic/api/middleware/auth_token.py", line 64, in __call__
    return super(AuthTokenMiddleware, self).__call__(env, start_response)
  File "/usr/local/lib/python2.7/dist-packages/webob/dec.py", line 130, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/local/lib/python2.7/dist-packages/webob/dec.py", line 195, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/keystonemiddleware/auth_token/__init__.py", line 323, in __call__
    response = req.get_response(self._app)
  File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line 1299, in send
    application, catch_exc_info=False)
  File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line 1263, in call_application
    app_iter = application(self.environ, start_response)
  File "/usr/local/lib/python2.7/dist-packages/pecan/middleware/recursive.py", line 56, in __call__
    return self.application(environ, start_response)
  File "/opt/stack/new/ironic/ironic/api/middleware/parsable_error.py", line 67, in __call__
    app_iter = self.app(environ, replacement_start_response)
  File "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 835, in __call__
    return super(Pecan, self).__call__(environ, start_response)
  File "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 677, in __call__
    controller, args, kwargs = self.find_controller(state)
  File "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 853, in find_controller
    controller, args, kw = super(Pecan, self).find_controller(_state)
  File "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 455, in find_controller
    controller, remainder = self.route(req, self.root, path)
  File "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 293, in route
    node, remainder = lookup_controller(node, path, req)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 139, in lookup_controller
    request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 244, in find_object
    next_obj, next_remainder = route(remainder)
  File "/opt/stack/new/ironic/ironic/api/controllers/root.py", line 121, in _route
    return super(RootController, self)._route(args)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 120, in _route
    result = self._find_sub_controllers(args, request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 233, in _find_sub_controllers
    request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 139, in lookup_controller
    request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 244, in find_object
    next_obj, next_remainder = route(remainder)
  File "/opt/stack/new/ironic/ironic/api/controllers/v1/__init__.py", line 205, in _route
    return super(Controller, self)._route(args)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 120, in _route
    result = self._find_sub_controllers(args, request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 233, in _find_sub_controllers
    request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 139, in lookup_controller
    request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 246, in find_object
    next_obj, next_remainder = route(remainder, request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 145, in _route
    _lookup_result = self._handle_lookup(args, request)
  File "/usr/local/lib/python2.7/dist-packages/pecan/rest.py", line 190, in _handle_lookup
    result = handle_lookup_traversal(lookup, args)
  File "/usr/local/lib/python2.7/dist-packages/pecan/routing.py", line 172, in handle_lookup_traversal
    result = obj(*args)
  File "/opt/stack/new/ironic/ironic/api/controllers/v1/node.py", line 1067, in _lookup
    ident = types.uuid_or_name.validate(ident)
  File "/opt/stack/new/ironic/ironic/api/controllers/v1/types.py", line 60, in validate
    raise exception.InvalidUuidOrName(name=value)
InvalidUuidOrName: Expected a logical name or UUID but received 1234~1234~1234.

2016-08-31 17:10:57.807 27972 INFO eventlet.wsgi.server [-] 127.0.0.1 "GET /v1/nodes/1234~1234~1234/validate HTTP/1.1" status: 500 len: 139 time: 0.0404370

The reason is, the _lookup method is exposed via pecan.expose, not wsme, and does not do exception handling the way wsme does.

Vladyslav Drok (vdrok)
Changed in python-ironicclient:
assignee: nobody → Vladyslav Drok (vdrok)
Dmitry Tantsur (divius)
affects: python-ironicclient → ironic
Changed in ironic:
status: New → Triaged
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.