Trailing whitespaces pass IP address validation
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Low
|
Hironori Shiina |
Bug Description
API attributes validation doesn't detect a trailing CR code.
By the following operations, a CR code causes a serious trouble.
1. Create files in Windows (newline characters are CR+LF) for heat.
template.yaml
-------
:
parameters:
subnet_
type: string
description: Allocation of the secure subnet.
:
resources:
swift_
type: OS::Neutron::Net
properties:
name: { get_param: network_secure_name }
swift_
type: OS::Neutron::Subnet
depends_on: swift_network_
properties:
cidr: { get_param: subnet_secure_cidr }
name: { get_param: subnet_secure_name }
network_id: { get_resource: swift_network_
gateway_ip: { get_param: subnet_
allocatio
:
-------
param.txt
-------
availability_
-------
2. Execute 'heat stack-create' command with these files.
$ heat stack-create -f template.yaml -P `cat param.txt` stack_name
Then, 'subnet_
This parameter is given to neutron as a start IP address of allocation_pools.
The trailing CR code passes IP address validation and causes ovs-agent to crash.
The CR code was accepted.
$ neutron subnet-show xxxxxxxx-
+------
| Field | Value |
+------
| allocation_pools | {"start": "172.16.16.240\r", "end": "172.16.16.250"} |
The error occurred in ovs-agent.
-------
2014-11-05 12:35:32.046 16862 TRACE neutron.
2014-11-05 12:35:32.046 16862 TRACE neutron.
2014-11-05 12:35:32.046 16862 TRACE neutron.
2014-11-05 12:35:32.046 16862 TRACE neutron.
2014-11-05 12:35:32.046 16862 TRACE neutron.
-------
It is critical that a tenant user's operation mistake affects whole system.
We think the validation should reject parameters with trailing CR codes.
Changed in neutron: | |
assignee: | nobody → Hironori Shiina (shiina-hironori) |
tags: | added: api |
Changed in neutron: | |
importance: | Undecided → Low |
status: | New → Confirmed |
description: | updated |
Changed in neutron: | |
milestone: | none → kilo-1 |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | kilo-1 → 2015.1.0 |
Fix proposed to branch: master /review. openstack. org/137288
Review: https:/