nova-manage doesn't validate the key value supplied to update the quota

Bug #1064359 reported by Vijaya Erukala on 2012-10-09
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Medium
Vijaya Erukala
Folsom
Medium
Joe Gordon
nova (Ubuntu)
Undecided
Unassigned
Quantal
Undecided
Unassigned

Bug Description

nova-manage doesn't validate the key value supplied while updating the quota's.Because of this unnecessary rows gets created in db and user will be under the impression that quota value got updated

For Ex: instances is the valid key value for the quota not instance.

$nova-manage project quota siri1 instance 240
metadata_items: 128
injected_file_content_bytes: 10240
volumes: 10
gigabytes: 1000
ram: 51200
floating_ips: 10
security_group_rules: 20
instances: 10
key_pairs: 100
injected_files: 5
cores: 20
injected_file_path_bytes: 255
security_groups: 10

mysql> select *from quotas;
+----+---------------------+---------------------+---------------------+---------+------------+-----------+------------+
| id | created_at | updated_at | deleted_at | deleted | project_id | resource | hard_limit |
+----+---------------------+---------------------+---------------------+---------+------------+-----------+------------+
| 1 | 2012-10-09 16:26:56 | 2012-10-09 16:30:56 | 2012-10-09 16:30:56 | 1 | siri1 | instances | 11 |
| 2 | 2012-10-09 16:40:44 | NULL | NULL | 0 | siri1 | vijaya1 | 240 |
| 3 | 2012-10-09 16:41:38 | NULL | NULL | 0 | siri1 | instance | 240 |
+----+---------------------+---------------------+---------------------+---------+------------+-----------+------------+
3 rows in set (0.00 sec)

Changed in nova:
assignee: nobody → Vijaya Erukala (vijaya-erukala)
Dan Prince (dan-prince) on 2012-10-09
Changed in nova:
importance: Undecided → Medium
status: New → Triaged

Fix proposed to branch: master
Review: https://review.openstack.org/14217

Changed in nova:
status: Triaged → In Progress
tags: added: folsom-backport-potential

Reviewed: https://review.openstack.org/14217
Committed: http://github.com/openstack/nova/commit/82d8ffec5b5220039e57685fe4359950d1209b14
Submitter: Jenkins
Branch: master

commit 82d8ffec5b5220039e57685fe4359950d1209b14
Author: vijaya-erukala <email address hidden>
Date: Tue Oct 9 19:25:27 2012 +0530

    nova-manage doesn't validate key to update the quota

    nova-manage doesn't validate the key value supplied to
    update the quota, as a result unnecessary records will be
    created in db and user will be under the impression that
    quota value got updated.
    This patch validates the input value given to the key.

    fixes bug 1064359
    Change-Id: I9928f30881aa2780a23005b5f69aa67a44f314c5

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2012-11-21
Changed in nova:
milestone: none → grizzly-1
status: Fix Committed → Fix Released
tags: removed: folsom-backport-potential

Reviewed: https://review.openstack.org/16667
Committed: http://github.com/openstack/nova/commit/1857821b4599b7af249fbc136a1b75ae5d8ec38e
Submitter: Jenkins
Branch: stable/folsom

commit 1857821b4599b7af249fbc136a1b75ae5d8ec38e
Author: vijaya-erukala <email address hidden>
Date: Tue Oct 9 19:25:27 2012 +0530

    nova-manage doesn't validate key to update the quota

    nova-manage doesn't validate the key value supplied to
    update the quota, as a result unnecessary records will be
    created in db and user will be under the impression that
    quota value got updated.
    This patch validates the input value given to the key.

    fixes bug 1064359
    Change-Id: I9928f30881aa2780a23005b5f69aa67a44f314c5
    (cherry picked from commit 82d8ffec5b5220039e57685fe4359950d1209b14)

Changed in nova (Ubuntu):
status: New → Fix Released
Changed in nova (Ubuntu Quantal):
status: New → Confirmed

Hello Vijaya, or anyone else affected,

Accepted nova into quantal-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/nova/2012.2.1+stable-20121212-a99a802e-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in nova (Ubuntu Quantal):
status: Confirmed → Fix Committed
tags: added: verification-needed
Launchpad Janitor (janitor) wrote :
Download full text (8.3 KiB)

This bug was fixed in the package nova - 2012.2.1+stable-20121212-a99a802e-0ubuntu1

---------------
nova (2012.2.1+stable-20121212-a99a802e-0ubuntu1) quantal-proposed; urgency=low

  * Ubuntu updates:
    - debian/control: Ensure novaclient is upgraded with nova,
      require python-keystoneclient >= 1:2.9.0. (LP: #1073289)
    - d/p/avoid_setuptools_git_dependency.patch: Refresh.
  * Dropped patches, applied upstream:
    - debian/patches/CVE-2012-5625.patch: [a99a802]
  * Resynchronize with stable/folsom (b55014ca) (LP: #1085255):
    - [a99a802] create_lvm_image allocates dirty blocks (LP: #1070539)
    - [670b388] RPC exchange name defaults to 'openstack' (LP: #1083944)
    - [3ede373] disassociate_floating_ip with multi_host=True fails
      (LP: #1074437)
    - [22d7c3b] libvirt imagecache should handle shared image storage
      (LP: #1075018)
    - [e787786] Detached and deleted RBD volumes remain associated with insance
      (LP: #1083818)
    - [9265eb0] live_migration missing migrate_data parameter in Hyper-V driver
      (LP: #1066513)
    - [3d99848] use_single_default_gateway does not function correctly
      (LP: #1075859)
    - [65a2d0a] resize does not migrate DHCP host information (LP: #1065440)
    - [102c76b] Nova backup image fails (LP: #1065053)
    - [48a3521] Fix config-file overrides for nova-dhcpbridge
    - [69663ee] Cloudpipe in Folsom: no such option: cnt_vpn_clients
      (LP: #1069573)
    - [6e47cc8] DisassociateAddress can cause Internal Server Error
      (LP: #1080406)
    - [22c3d7b] API calls to dis-associate an auto-assigned floating IP should
      return proper warning (LP: #1061499)
    - [bd11d15] libvirt: if exception raised during volume_detach, volume state
      is inconsistent (LP: #1057756)
    - [dcb59c3] admin can't describe all images in ec2 api (LP: #1070138)
    - [78de622] Incorrect Exception raised during Create server when metadata
      over 255 characters (LP: #1004007)
    - [c313de4] Fixed IP isn't released before updating DHCP host file
      (LP: #1078718)
    - [f4ab42d] Enabling Return Reservation ID with XML create server request
      returns no body (LP: #1061124)
    - [3db2a38] 'BackupCreate' should accept rotation parameter greater than or
      equal to zero (LP: #1071168)
    - [f7e5dde] libvirt reboot sometimes fails to reattach volumes
      (LP: #1073720)
    - [ff776d4] libvirt: detaching volume may fail while terminating other
      instances on the same host concurrently (LP: #1060836)
    - [85a8bc2] Used instance uuid rather than id in remove-fixed-ip
    - [42a85c0] Fix error on invalid delete_on_termination value
    - [6a17579] xenapi migrations fail w/ swap (LP: #1064083)
    - [97649b8] attach-time field for volumes is not updated for detach volume
      (LP: #1056122)
    - [8f6a718] libvirt: rebuild is not using kernel and ramdisk associated with
      the new image (LP: #1060925)
    - [fbe835f] live-migration and volume host assignement (LP: #1066887)
    - [c2a9150] typo prevents volume_tmp_dir flag from working (LP: #1071536)
    - [93efa21] Instances deleted during spawn leak network allocations
      (LP: #1068716)
    - [ebabd02] After restartin...

Read more...

Changed in nova (Ubuntu Quantal):
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2013-04-04
Changed in nova:
milestone: grizzly-1 → 2013.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers