Force security_group_id uuid validation of sg rules
security_groups_db._check_security_group is supposed to check the
security_group_id of the _create_security_group_rule payload.
When using an integer e.g. 0, as security_group_id, the check
succededs because mysql accepts following query:
SELECT * FROM securitygroups WHERE id in (0)
Forcing validation of security_group_id as uuid fixes the problem
Closes-Bug: #1968343
Change-Id: I7c36b09309c1ef66608afacfb281b6f4b06ea5b8
(cherry picked from commit c0bf560fa36aac798ad8783749fa78ddf766bdec)
Reviewed: https:/ /review. opendev. org/c/openstack /neutron/ +/837330 /opendev. org/openstack/ neutron/ commit/ 5598510c80b4acc b97ed7fc62f63ee 400e4237ec
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit 5598510c80b4acc b97ed7fc62f63ee 400e4237ec
Author: Andrew Karpow <email address hidden>
Date: Fri Apr 8 18:32:03 2022 +0200
Force security_group_id uuid validation of sg rules
security_ groups_ db._check_ security_ group is supposed to check the group_id of the _create_ security_ group_rule payload.
security_
When using an integer e.g. 0, as security_group_id, the check
succededs because mysql accepts following query:
SELECT * FROM securitygroups WHERE id in (0)
Forcing validation of security_group_id as uuid fixes the problem
Closes-Bug: #1968343 66608afacfb281b 6f4b06ea5b8 98ad8783749fa78 ddf766bdec)
Change-Id: I7c36b09309c1ef
(cherry picked from commit c0bf560fa36aac7