OpenStack Compute (nova)

catch TypeError exception，performing "pass" operation

Bug #1872033 reported by Qiu Fossen on 2020-04-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	In Progress	Undecided	Qiu Fossen

Bug Description

catch TypeError exception，performing "pass" operation,this should be a code vulnerability.

like this:nova/nova/api/validation/validators.py

def _validate_name(instance):
    regex = parameter_types.valid_name_regex
    try:
        if re.search(regex.regex, instance):
            return True
    except TypeError:
        # The name must be string type. If instance isn't string type, the
        # TypeError will be raised at here.
        pass
    raise exception.InvalidName(reason=regex.reason)

Qiu Fossen (fossen123) on 2020-04-10

Changed in nova:
assignee:	nobody → Qiu Fossen (fossen123)

Revision history for this message

Balazs Gibizer (balazs-gibizer) wrote on 2020-04-14:

I'm not sure what is the bug you report. The validator only passes if the re.search operation returns true otherwise we raise InvalidName exception. Also if TypeError is raised (and ignored) we raise InvalidName.

Changed in nova:
status:	New → Incomplete

Qiu Fossen (fossen123) on 2020-04-27

Changed in nova:
status:	Incomplete → In Progress

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.