Mirantis OpenStack

Image chunks remains in store if upload is interrupted

Bug #1469158 reported by Mike Fedosin
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mirantis OpenStack
Fix Released
High
Mike Fedosin
Mirantis OpenStack 6.0-mu-7
6.1.x
Invalid
High
Alexey Khivin
Mirantis OpenStack 6.1-updates

Bug Description

When I create a new task in v2 to upload an image, it creates the image record in db, sets status to "saving" and then begins the uploading.

If the image is deleted by appropriate API call while its content is still being uploaded, an exception is raised and it is not handled in the API code. This leads to the fact that the uploaded image file stays in a storage and clogs it.

And also trying to delete image created using task api (import-from) image gets deleted from the database, but image data remains in the backend.

Related upstream bugs:
    - https://launchpad.net/bugs/1420696 [OSSA 2015-004] Image data remains in backend after deleting the image created using task api (import-from) (CVE-2015-1881)
    - https://launchpad.net/bugs/1371118 [OSSA 2015-004] Image file stays in store if image has been deleted during upload (CVE-2014-9684)

CVE References

Revision history for this message
Mike Fedosin (mfedosin) wrote :

Fix for this bug: https://review.fuel-infra.org/#/c/5607/

Dmitry Mescheryakov (dmitrymex)
information type: Public → Public Security
Changed in mos:
importance: Undecided → High
assignee: nobody → Mike Fedosin (mfedosin)
Revision history for this message
Alexey Khivin (akhivin) wrote :

As I understand fix for this bug is already included into "6.0-mu-2". We just need to create release notу for 6.0-updates

Revision history for this message
Alexey Khivin (akhivin) wrote :

this fix is already included into 6.1

Changed in mos:
milestone: 6.0-updates → 6.0-mu-7
Revision history for this message
Vadim Rovachev (vrovachev) wrote :

Verified on 6.0 Ubuntu.
Packages:
glance-api,glance-common,glance-registry
Version:
1:2014.2-fuel6.0~mira14

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix merged to openstack/glance (openstack-ci/fuel-6.0-updates/2014.2)

Reviewed: https://review.fuel-infra.org/8490
Submitter: Vitaly Sedelnik <email address hidden>
Branch: openstack-ci/fuel-6.0-updates/2014.2

Commit: 078a1c124d489cdb2c09cbba76684bb082f848af
Author: Zhi Yan Liu <email address hidden>
Date: Tue Nov 10 14:07:55 2015

Cleanup chunks for deleted image that was 'saving'

Currently image data cannot be removed synchronously for an image that
is in saving state. And when, the upload operation for such an image is
completed the operator configured quota can be exceeded.

This patch fixes the issue of left over chunks for an image which was
deleted from saving status. However, by the limitation of the design we
cannot enforce a global quota check for the image in saving status.

This change introduces a inconsonance between http response codes of
v1 and v2 APIs. The status codes which we will now see after the upload
process completes on an image which was deleted mid way are:

v1: 412 Precondition Failed
v2: 410 Gone

SecurityImpact
UpgradeImpact
APIImpact

Closes-Bug: 1383973
Closes-Bug: 1398830
Closes-Bug: 1188532
Closes-Bug: 1469158

Change-Id: I47229b366c25367ec1bd48aec684e0880f3dfe60
Signed-off-by: Zhi Yan Liu <email address hidden>
(cherry picked from commit 0dc8fbb3479a53c5bba8475d14f4c7206904c5ea)

Revision history for this message
Vadim Rovachev (vrovachev) wrote :

Verified on 6.0 Ubuntu.
Packages:
glance-api,glance-common,glance-registry
Version:
1:2014.2-fuel6.0~mira20

Changed in mos:
status: Fix Committed → Fix Released
Adam Heczko (aheczko-mirantis)
tags: added: feature-security
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.