[openstack-dev] [Cinder] cinder not support query volume/snapshot with regular expression

Duncan Thomas duncan.thomas at gmail.com
Mon Apr 28 11:04:31 UTC 2014


Regex matching in APIs can be a dangerous source of DoS attacks - see
http://en.wikipedia.org/wiki/ReDoS. Unless this is mitigated sensibly,
I will continue to resist any cinder patch that adds them.

Glob matches might be safer?

On 26 April 2014 05:02, Zhangleiqiang (Trump) <zhangleiqiang at huawei.com> wrote:
> Hi, all:
>
>         I see Nova allows search instances by name, ip and ip6 fields which can be normal string and regular expression:
>
>         [stack at leiqzhang-stack cinder]$ nova help list
>
>         List active servers.
>
>         Optional arguments:
>                 --ip <ip-regexp>      Search with regular expression match by IP address
>                                 (Admin only).
>                 --ip6 <ip6-regexp>    Search with regular expression match by IPv6 address
>                          (Admin only).
>                 --name <name-regexp>  Search with regular expression match by name
>                 --instance-name <name-regexp> Search with regular expression match by server name
>                                 (Admin only).
>
>         I think it is also needed for Cinder when query the volume/snapshot/backup by name. Any advice?
>
> ----------
> zhangleiqiang (Trump)
>
> Best Regards
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



-- 
Duncan Thomas



More information about the OpenStack-dev mailing list