yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1214276] Re: ImageSizeLimitExceeded results in data leak

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Thu, 05 Sep 2013 11:34:43 -0000
Reply-to: Bug 1214276 <1214276@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: glance
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1214276

Title:
  ImageSizeLimitExceeded results in data leak

Status in OpenStack Image Registry and Delivery Service (Glance):
  Fix Released

Bug description:
  When uploading data the true size of the upload is not always known up
  front.  Thus in some cases the entire image must arrive before the
  image size is known.  This causes a problem when trying to implement
  quota and when trying to limit the size of any given image

  In order to implement a size limit on upload of a given image the
  iterator (ie: image_size_cap).  To deal with this the iterator
  LimitingReader was created.  This is a wrapper around the incoming
  data that throws a ImageSizeLimitExceeded exception when a liit is
  reach.  This effectively protects the system from receiving more than
  the alloted ammount.

  However, when that error occurs the already received data is never
  cleaned up.  The fix for this must be in each data store.  The higher
  level abstractions do not know the location of the data until it is
  all successfully written.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1214276/+subscriptions