From 4d350dc82ecfe1d272bfbd43445a78c69a32fc90 Mon Sep 17 00:00:00 2001
From: Michael Still <mikal@stillhq.com>
Date: Sat, 11 Aug 2012 20:51:27 +1000
Subject: Simple checks for instance user data.

Check that instance user data wont be truncated, and that it is
valid base64 data. This partially resolves bug 1035055. I don't
love the hard coded maximum length, but I haven't worked out how
to get sqlalchemy to tell me the maximum size of the data type.

Change-Id: I045d6b4481563d01cae371cf61a91781cfed6f4b
---
 nova/compute/api.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'nova/compute')

diff --git a/nova/compute/api.py b/nova/compute/api.py
index cd3ffdf56..971540de1 100644
--- a/nova/compute/api.py
+++ b/nova/compute/api.py
@@ -21,6 +21,7 @@
 """Handles all requests relating to compute resources (e.g. guest VMs,
 networking and storage of VMs, and compute hosts on which they run)."""
 
+import base64
 import functools
 import re
 import string
@@ -58,6 +59,7 @@ LOG = logging.getLogger(__name__)
 FLAGS = flags.FLAGS
 flags.DECLARE('consoleauth_topic', 'nova.consoleauth')
 
+MAX_USERDATA_SIZE = 65535
 QUOTAS = quota.QUOTAS
 
 
@@ -473,6 +475,19 @@ class API(base.Base):
             'architecture': architecture,
             'progress': 0}
 
+        if user_data:
+            l = len(user_data)
+            if l > MAX_USERDATA_SIZE:
+                # NOTE(mikal): user_data is stored in a text column, and the
+                # database might silently truncate if its over length.
+                raise exception.InstanceUserDataTooLarge(
+                    length=l, maxsize=MAX_USERDATA_SIZE)
+
+            try:
+                base64.decodestring(user_data)
+            except base64.binascii.Error:
+                raise exception.InstanceUserDataMalformed()
+
         options_from_image = self._inherit_properties_from_image(
                 image, auto_disk_config)
 
-- 
cgit