Handle invalid xml request to return BadRequest

Handled ExpatError,LookupError to return BadRequest if the user inputs the invalid xml fixes bug 1032092 Change-Id: I7374532d91e3d7675bc80730031a195f50bb2abc
2012-09-20 12:08:57 +05:30
parent fb101685cc
commit 7a70bc33ac
2 changed files with 34 additions and 1 deletions
--- a/nova/api/openstack/wsgi.py
+++ b/nova/api/openstack/wsgi.py
@@ -881,8 +881,17 @@ class Resource(wsgi.Application):
        #            function.  If we try to audit __call__(), we can
        #            run into troubles due to the @webob.dec.wsgify()
        #            decorator.
-        return self._process_stack(request, action, action_args,
+        try:
+            return self._process_stack(request, action, action_args,
                                   content_type, body, accept)
+        except expat.ExpatError:
+            msg = _("Invalid XML in request body")
+            return Fault(webob.exc.HTTPBadRequest(explanation=msg))
+        except LookupError as e:
+        #NOTE(Vijaya Erukala): XML input such as
+        #                      <?xml version="1.0" encoding="TF-8"?>
+        #                      raises LookupError: unknown encoding: TF-8
+            return Fault(webob.exc.HTTPBadRequest(explanation=unicode(e)))

    def _process_stack(self, request, action, action_args,
                       content_type, body, accept):
--- a/nova/tests/api/openstack/compute/test_servers.py
+++ b/nova/tests/api/openstack/compute/test_servers.py
@@ -959,6 +959,30 @@ class ServersControllerTest(test.TestCase):
        self.assertEqual(res_dict['server']['accessIPv4'], '0.0.0.0')
        self.assertEqual(res_dict['server']['accessIPv6'], 'beef::0123')

+    def test_update_server_invalid_xml_raises_lookup(self):
+        req = fakes.HTTPRequest.blank('/v2/fake/servers/%s' % FAKE_UUID)
+        req.method = 'PUT'
+        req.content_type = 'application/xml'
+        #xml request which raises LookupError
+        req.body = """<?xml version="1.0" encoding="TF-8"?>
+            <metadata
+            xmlns="http://docs.openstack.org/compute/api/v1.1"
+            key="Label"></meta>"""
+        res = req.get_response(fakes.wsgi_app())
+        self.assertEqual(res.status_int, 400)
+
+    def test_update_server_invalid_xml_raises_expat(self):
+        req = fakes.HTTPRequest.blank('/v2/fake/servers/%s' % FAKE_UUID)
+        req.method = 'PUT'
+        req.content_type = 'application/xml'
+        #xml request which raises ExpatError
+        req.body = """<?xml version="1.0" encoding="UTF-8"?>
+            <metadata
+            xmlns="http://docs.openstack.org/compute/api/v1.1"
+            key="Label"></meta>"""
+        res = req.get_response(fakes.wsgi_app())
+        self.assertEqual(res.status_int, 400)
+
    def test_update_server_name(self):
        self.stubs.Set(nova.db, 'instance_get',
                fakes.fake_instance_get(name='server_test'))