From bf1998898453f208882a95bf88cd157274e7dbf1 Mon Sep 17 00:00:00 2001 From: zhongjun Date: Wed, 31 Jan 2018 11:02:44 +0800 Subject: [PATCH] Fix UnicodeDecodeError when decode API input Convert UnicodeDecodeError to HTTPBadRequest in FaultWrapper. Change-Id: I826f05084b0a0ef170ef293d382868409b96ed3d Closes-Bug: #1746202 --- manila/api/middleware/fault.py | 6 ++++++ manila/tests/api/middleware/test_faults.py | 9 +++++++++ ...codeError-when-decode-API-input-4e4502fb50b69502.yaml | 5 +++++ 3 files changed, 20 insertions(+) create mode 100644 releasenotes/notes/bug-1746202-fix-unicodeDecodeError-when-decode-API-input-4e4502fb50b69502.yaml diff --git a/manila/api/middleware/fault.py b/manila/api/middleware/fault.py index e24e95a446..540bdc6384 100644 --- a/manila/api/middleware/fault.py +++ b/manila/api/middleware/fault.py @@ -20,6 +20,7 @@ import webob.dec import webob.exc from manila.api.openstack import wsgi +from manila.i18n import _ from manila import utils from manila.wsgi import common as base_wsgi @@ -40,6 +41,11 @@ class FaultWrapper(base_wsgi.Middleware): status, webob.exc.HTTPInternalServerError)() def _error(self, inner, req): + if isinstance(inner, UnicodeDecodeError): + msg = _("Error decoding your request. Either the URL or the " + "request body contained characters that could not be " + "decoded by Manila.") + return wsgi.Fault(webob.exc.HTTPBadRequest(explanation=msg)) LOG.exception("Caught error: %s", inner) safe = getattr(inner, 'safe', False) diff --git a/manila/tests/api/middleware/test_faults.py b/manila/tests/api/middleware/test_faults.py index a15e8fda8c..209b9943c6 100644 --- a/manila/tests/api/middleware/test_faults.py +++ b/manila/tests/api/middleware/test_faults.py @@ -184,3 +184,12 @@ class ExceptionTest(test.TestCase): api = self._wsgi_app(fail) resp = webob.Request.blank('/').get_response(api) self.assertEqual(500, resp.status_int) + + def test_validate_request_unicode_decode_fault(self): + @webob.dec.wsgify + def unicode_error(req): + raise UnicodeDecodeError("ascii", "test".encode(), 0, 1, "bad") + + api = self._wsgi_app(unicode_error) + resp = webob.Request.blank('/test?foo=%88').get_response(api) + self.assertEqual(400, resp.status_int) diff --git a/releasenotes/notes/bug-1746202-fix-unicodeDecodeError-when-decode-API-input-4e4502fb50b69502.yaml b/releasenotes/notes/bug-1746202-fix-unicodeDecodeError-when-decode-API-input-4e4502fb50b69502.yaml new file mode 100644 index 0000000000..8d38c07e86 --- /dev/null +++ b/releasenotes/notes/bug-1746202-fix-unicodeDecodeError-when-decode-API-input-4e4502fb50b69502.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - This patch converts UnicodeDecodeError exception into BadRequest, plus + an explicit error message. Fix invalid query parameter could lead to + HTTP 500.