[Openstack-security] [openstack/nova] SecurityImpact review request change Ic5f4d4c26794550a92481bf2b725ef5eafa581b2
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Mon Nov 16 21:15:05 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/245987
Log:
commit b82ebc81171554dd672e13e9c97167ceacf264a6
Author: Matt Riedemann <mriedem at us.ibm.com>
Date: Mon Nov 16 13:11:09 2015 -0800
xen: mask auth_password in StorageError raised from _parse_volume_info
The connection_data dict can have credentials in it, so we need to scrub
those before putting the stringified dict into the StorageError message
and raising that up.
Note that strutils.mask_password converts the dict to a string using
six.text_type so we don't have to do that conversion first.
This could show up in the logs because of the attach_volume flow where
if that fails, the nova.virt.block_device attach code will log it.
SecurityImpact
Change-Id: Ic5f4d4c26794550a92481bf2b725ef5eafa581b2
Closes-Bug: #1516765
More information about the Openstack-security
mailing list