[Openstack-security] [Bug 1471158] Re: Incorrect regular expressions used for schema validation
Tristan Cacqueray
tdecacqu at redhat.com
Mon Nov 2 15:13:16 UTC 2015
Since this report concerns a possible security risk, an incomplete
security advisory task has been added while the core security reviewers
for the affected project or projects confirm the bug and discuss the
scope of any vulnerability along with potential solutions.
** Also affects: ossa
Importance: Undecided
Status: New
** Changed in: ossa
Status: New => Incomplete
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1471158
Title:
Incorrect regular expressions used for schema validation
Status in Designate:
Fix Released
Status in Designate juno series:
Fix Committed
Status in Designate kilo series:
Fix Committed
Status in OpenStack Security Advisory:
Incomplete
Bug description:
The regular expressions listed in designate/schema/format.py allow
trailing "\n" characters because "$" matches "\n" at the end of the
string.
Submitting a record creation request with "name" ending with "\n"
currently results in an internal server error, with the following
traceback in the log file:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/oslo_messaging/rpc/dispatcher.py", line 142, in _dispatch_and_reply
executor_callback))
File "/usr/lib/python2.7/site-packages/designate/rpc.py", line 178, in _dispatch
return super(RPCDispatcher, self)._dispatch(*args, **kwds)
File "/usr/lib/python2.7/site-packages/oslo_messaging/rpc/dispatcher.py", line 186, in _dispatch
executor_callback)
File "/usr/lib/python2.7/site-packages/oslo_messaging/rpc/dispatcher.py", line 130, in _do_dispatch
result = func(ctxt, **new_args)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 220, in wrapper
result = f(self, *args, **kwargs)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 194, in wrapper
result = f(self, *args, **kwargs)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 1119, in create_recordset
context, domain, recordset, increment_serial=increment_serial)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 84, in wrapper
**copy.deepcopy(kwargs))
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 123, in wrapper
self.storage.rollback()
File "/usr/lib/python2.7/site-packages/oslo_utils/excutils.py", line 119, in __exit__
six.reraise(self.type_, self.value, self.tb)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 118, in wrapper
result = f(self, *args, **kwargs)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 1138, in _create_recordset_in_storage
self._is_valid_recordset_name(context, domain, recordset.name)
File "/usr/lib/python2.7/site-packages/designate/central/service.py", line 341, in _is_valid_recordset_name
raise ValueError('Please supply a FQDN')
ValueError: Please supply a FQDN
If such additional checks are everywhere, the incorrect regular
expressions should be harmless, and the security flag can be removed.
Downstream bug: https://bugzilla.redhat.com/show_bug.cgi?id=1235655
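The anchoring behaviour the report describes, as an added illustration that is not Designate's code; the pattern below is an assumed, simplified stand-in for those in designate/schema/format.py, and the FQDN check mirrors the "Please supply a FQDN" guard in the traceback:

```python
import re

# Assumed stand-in for the hostname patterns in designate/schema/format.py:
# one or more dot-terminated labels. It ends with "$", which in Python also
# matches just before a single trailing "\n", so "example.com.\n" slips through.
HOSTNAME_RE = r'^(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+$'


def is_hostname_weak(value):
    """Schema-style check as described in the report: "$" tolerates a
    trailing newline, so a newline-terminated name is accepted."""
    return re.match(HOSTNAME_RE, value, re.IGNORECASE) is not None


def is_hostname_strict(value):
    """Hardened check: re.fullmatch requires the match to cover the whole
    string, so the trailing "\\n" is rejected. On Python 2.7 (the environment
    in the traceback) the equivalent is to anchor with "\\Z" instead of "$"."""
    return re.fullmatch(HOSTNAME_RE, value, re.IGNORECASE) is not None


def is_hostname_z_anchor(value):
    """Same hardening expressed with "\\Z", which matches only at the very end."""
    pattern = HOSTNAME_RE[:-1] + r'\Z'
    return re.match(pattern, value, re.IGNORECASE) is not None


def is_fqdn(value):
    """Constructed stand-in for the later FQDN check that raised
    ValueError('Please supply a FQDN'): a newline-terminated name no longer
    ends with ".", so this defense-in-depth check catches it."""
    return value.endswith('.')


def validate_recordset_name(value):
    """Two-layer validation: the weak schema regex first, then the FQDN check.
    Returns a short verdict rather than raising, so the path taken is visible."""
    if not is_hostname_weak(value):
        return 'rejected by schema'
    if not is_fqdn(value):
        return 'rejected by FQDN check'   # where the reported request ended up
    return 'accepted'
```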
To manage notifications about this bug go to:
https://bugs.launchpad.net/designate/+bug/1471158/+subscriptions