[jira] [Commented] (CLOUDSTACK-9593) User data check is inconsistent with python

Thu, 28 Dec 2017 01:58:53 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9593?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16305265#comment-16305265
 ] 

ASF subversion and git services commented on CLOUDSTACK-9593:
-------------------------------------------------------------

Commit a26a5023458b8b95779409fb231ad12badacc8a8 in cloudstack's branch 
refs/heads/master from [~marcaurele]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=a26a502 ]

CLOUDSTACK-9593: userdata: enforce data is a multiple of 4 characters (#1760)

Python base64 requires that the string is a multiple of 4 characters but
the Apache codec does not. RFC states is not mandatory so the data should
not fail the VR script (vmdata.py).

Signed-off-by: Marc-Aurèle Brothier <[email protected]>
Signed-off-by: Rohit Yadav <[email protected]>

> User data check is inconsistent with python
> -------------------------------------------
>
>                 Key: CLOUDSTACK-9593
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9593
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.4.2, 4.4.3, 4.3.2, 4.5.1, 4.4.4, 4.5.2, 4.6.0, 4.6.1, 
> 4.6.2, 4.7.0, 4.7.1, 4.8.0, 4.9.0
>            Reporter: Marc-Aurèle Brothier
>            Assignee: Marc-Aurèle Brothier
>
> The user data is validated through the Apache commons codec library, but this 
> library does not check that the length is a multiple of 4 characters. The RFC 
> does not require it either. But the python script in the virtual router that 
> loads the user data does check for the possible padding presence, requiring 
> the string to be a multiple of 4 characters.
> {code:python}
> >>> import base64
> >>> base64.b64decode('foo')
> Traceback (most recent call last):
>   File "<stdin>", line 1, in <module>
>   File 
> "/usr/local/Cellar/python/2.7.12/Frameworks/Python.framework/Versions/2.7/lib/python2.7/base64.py",
>  line 78, in b64decode
>     raise TypeError(msg)
> TypeError: Incorrect padding
> >>> base64.b64decode('foo=')
> '~\x8a'
> {code}
> Currently since the java check is less restrictive, the user data gets saved 
> into the database but the VR script crashes when it receives this VM user 
> data. On a single VM it is not really a problem. The critical issue is when a 
> VR is restarted. The invalid pythonic base64 string makes the vmdata.py 
> script crashed, resulting in a VR not starting at all.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to