neutron

extra_dhcp_opts allows empty strings

Bug #1257467 reported by dkehn
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
dkehn
neutron 2014.1 "icehouse"

Bug Description

the extra_dhcp_opts allows empty string ' ', as an option_value, which dnsmasq has been detected ans segment faulting when encountering a tag:ece4c8aa-15c9-4f6b-8c42-7d4e285734bf,option:server-ip-address, option in the opts file.

Checks are need in the create and update protions of the extra_dhcp_opts extension to prevent this.

Revision history for this message
dkehn (dekehn) wrote :

please assign to dekehn, I'm working on a patch for it. thanks.

Changed in neutron:
assignee: nobody → dkehn (dekehn)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/59858

Changed in neutron:
status: New → In Progress
Kyle Mestery (mestery)
Changed in neutron:
importance: Undecided → Medium
milestone: none → icehouse-2
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/59858
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=794a1325dfc8a6937412a597f19acecf08d4b34a
Submitter: Jenkins
Branch: master

commit 794a1325dfc8a6937412a597f19acecf08d4b34a
Author: dekehn <email address hidden>
Date: Tue Dec 3 15:28:55 2013 -0700

    extra_dhcp_opt add checks for empty strings

    When passing extra-dhcp-opt into the port-create where an empty string
    is provided as opt_value=' ', the create and update routine will load the
    empty string into the DB. The result when written to the opts file is:
    "tag:ece4c8aa-15c9-4f6b-8c42-7d4e285734bf,option:server-ip-address", which
    when read by dnsmasq has been tested to cause dnsmasq to segment fault.

    Change-Id: I31de4a3d27092bb219d20221c5ef5a6b22e050dc
    Closes-Bug: #1257467

Changed in neutron:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in neutron:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: icehouse-2 → 2014.1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (master)

Reviewed: https://review.openstack.org/229159
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3837427189a54e6c052d773d629bac53d95702dc
Submitter: Jenkins
Branch: master

commit 3837427189a54e6c052d773d629bac53d95702dc
Author: David Edery <email address hidden>
Date: Mon Oct 12 11:11:50 2015 +0300

    Enable specific extra_dhcp_opt to be left blank

    In some cases there is a need for a blank value of the "router" extra
    dhcp option. This fix addresses this issue by introducing a simple
    mechanism in the code that allows specific extra dhcp options to be left
    blank by applying a different opt_value validation of the data received
    from the REST call and different validation on the value that will be
    written to the DB.

    This fix also takes into consideration bug #1257467 which claims that
    in case of a blank "server-ip-address" option a segmentation fault
    occurs in dnsmasq. I did not check this claim with a newer dnsmasq
    version since it seemed logical that the list of potentially blank
    options should be limited to options that are known to work well when
    blank and have functional justification for being blank (e.g. "router")

    APIImpact
    "router" and "classless-static-route" extra dhcp options can be blank
    (e.g. opt-name="router", opt-value="")

    DocImpact
    During port creation/update, Specific extra-dhcp-options can be left
    blank ("router" and/or "classless-static-route"). This causes dnsmasq
    to have an empty option in the "opts" file related to the network to
    which the port is related.
    For example:
    tag:tag0,option:classless-static-route,
    tag:tag0,option:router,

    Closes-Bug: #1437695
    Related-Bug: #1257467

    Change-Id: I0ac76e132c4bd86da39863674d4cf8a22dad7034

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.