registry team mailing list archive

[anotherjesse <664572@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

user input is sent as a parameter to executed command

Steps:
--------

1) launch instances
2) create volume
3) attach instance to volume with device: "/dev/vda2; reboot"

Expected
-----------

API should throw an exception that device should be of format /dev/vd*

Actual
--------

api is executed and error shows up on compute node that virsh doesn't
understand reboot.


Details:
--------

Since nova doesn't validate input (in the aws api), user input can be
passed to the command line.

If you attach a volume via:

euca-attach-volume -i i-123123123 -d "/dev/vda; reboot" vol-123123123

the device is stored in the db as: /dev/vda; reboot

Then the attach method is dispatched to the compute node which executes:

nova/virt/libvirt_conn.py

def attach_volume(self, instance_name, device_path, mountpoint):
    yield process.simple_execute("sudo virsh attach-disk %s %s %s" %
                                 (instance_name,
                                  device_path,
                                  mountpoint.rpartition('/dev/')[2]))

Luckily simple_execute is implemented in a way that ; reboot is sent to
virsh instead of being ran as a shell command.

I've created a larger blueprint for addressing this in general -
https://blueprints.launchpad.net/nova/+spec/aws-api-validation

** Affects: nova
     Importance: High
         Status: New

-- 
AttachVolume doesn't validate input
https://bugs.launchpad.net/bugs/664572
You received this bug notification because you are a member of Registry
Administrators, which is subscribed to OpenStack.