Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-9593

User data check is inconsistent with python

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.4.2, 4.4.3, 4.3.2, 4.5.1, 4.4.4, 4.5.2, 4.6.0, 4.6.1, 4.6.2, 4.7.0, 4.7.1, 4.8.0, 4.9.0
    • Fix Version/s: None
    • Component/s: None
    • Security Level: Public (Anyone can view this level - this is the default.)
    • Labels:
      None

      Description

      The user data is validated through the Apache commons codec library, but this library does not check that the length is a multiple of 4 characters. The RFC does not require it either. But the python script in the virtual router that loads the user data does check for the possible padding presence, requiring the string to be a multiple of 4 characters.

      >>> import base64
      >>> base64.b64decode('foo')
      Traceback (most recent call last):
        File "<stdin>", line 1, in <module>
        File "/usr/local/Cellar/python/2.7.12/Frameworks/Python.framework/Versions/2.7/lib/python2.7/base64.py", line 78, in b64decode
          raise TypeError(msg)
      TypeError: Incorrect padding
      >>> base64.b64decode('foo=')
      '~\x8a'
      

      Currently since the java check is less restrictive, the user data gets saved into the database but the VR script crashes when it receives this VM user data. On a single VM it is not really a problem. The critical issue is when a VR is restarted. The invalid pythonic base64 string makes the vmdata.py script crashed, resulting in a VR not starting at all.

        Attachments

          Activity

            People

            • Assignee:
              marcaurele Marc-Aurèle Brothier
              Reporter:
              marcaurele Marc-Aurèle Brothier
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: