Client UUID not validated

Bug #1233420 reported by Kurt Griffiths on 2013-09-30
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
zaqar
Medium
Zhihao Yuan

Bug Description

We need to validate all input. Client UUID is currently never looked at; we should verify that it is of a sane length and has expected characters. In fact, due to the confusion user's have had with client UUID, I propose defining it more strictly to either be an integer or a true UUID.

Zhihao Yuan (zyuan) wrote :

Benefit: store UUID in bytes form in DB

Changed in marconi:
assignee: nobody → Zhihao Yuan (zyuan)

Fix proposed to branch: master
Review: https://review.openstack.org/49378

Changed in marconi:
status: New → In Progress

Reviewed: https://review.openstack.org/49378
Committed: http://github.com/openstack/marconi/commit/cef47c68e50ef791f5e2a3db341d26bed814bdb5
Submitter: Jenkins
Branch: master

commit cef47c68e50ef791f5e2a3db341d26bed814bdb5
Author: Zhihao Yuan <email address hidden>
Date: Wed Oct 2 10:33:41 2013 -0400

    feat(api): Client-ID as a real UUID

    We store the UUID in binary form in DBs, and perform checking
    on user inputs. Compared with the hex form we currently using,
    the binary form saves half space to store. In addition, by
    enforcing UUID on the server side, we can minimize the chance of
    client ID collision.

    Change-Id: Ic3048a0d2aa21bd201e2d2d9cd8a562662cf8f8e
    Closes-Bug: 1233420

Changed in marconi:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2013-12-19
Changed in marconi:
milestone: none → icehouse-1
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2014-04-17
Changed in marconi:
milestone: icehouse-1 → 2014.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers