Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Token client leads to crash in the db component when IP address for PtrOverride is malformed in number of fields #288

Open
dmykarp opened this issue Apr 5, 2019 · 3 comments
Open

Token client leads to crash in the db component when IP address for PtrOverride is malformed in number of fields #288

dmykarp opened this issue Apr 5, 2019 · 3 comments

Comments

@dmykarp
Copy link

dmykarp commented Apr 5, 2019
edited
Loading

The code like this:

   def setUp(self):
        self.client = self.get_token_client()

   def get_token_client(self, add_groups=True):
        self.user, created = User.objects.get_or_create(username='nobody')
        token, created = Token.objects.get_or_create(user=self.user)
        self.add_user_to_groups('REQUIRED_USER_GROUPS')
        if add_groups:
            self.add_user_to_groups('SUPERUSER_GROUP')
            self.add_user_to_groups('ADMINUSER_GROUP')
        client = APIClient()
        client.credentials(HTTP_AUTHORIZATION='Token ' + token.key)
        return client

    def test_ptr_override_reject_invalid_400(self):
        ptr_override_data = {'host': self.host.id,
                             'ipaddress': '10.0.0.4.44'}
        ret = self.client.post("/ptroverrides/", ptr_override_data)
        self.assertEqual(ret.status_code, 400)

leads to a crash in the database component.

django.db.utils.InternalError: current transaction is aborted, commands ignored until end of transaction block

This only happens when the token client is used, supplying the malformed IPv4 through curl or mreg-cli is gracefully rejected with a proper error message and return code 400 from REST.

This also only happens if IPv4 is malformed like shown above, with improper number of fields. Invalid IPv4 addresses with right number of fields, like 10.0.0.400 are gracefully handled.
@dmykarp
Copy link
Author

dmykarp commented Apr 5, 2019

The same thing is actually true for IPv6. Addresses like 2001:db8:::1 result in the same crash, while the likes of 2001:db8::zzzz are handled as expected.

@dmykarp dmykarp changed the title Token client leads to crash in the db component when IPv4 for PtrOverride is malformed Token client leads to crash in the db component when IP address for PtrOverride is malformed in number of fields Apr 5, 2019
@oyvindkolbu
Copy link
Collaborator

Should probably try to create a minimum-instance of code and se if it can be reproduced. Tokens should not matter, so a tiny drf project with a Host and PtrOverride model, and a view for PtrOverride.

@oyvindkolbu
Copy link
Collaborator

The problem is related to the model PtrOverride's unique=True-constraint. As the test does a SELECT (1) AS "a" FROM "ptr_override" WHERE "ptr_override"."ipaddress" = '10.0.0.4.44'::inet LIMIT 1 to check contrains before running the data through the validator it fails.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@oyvindkolbu @dmykarp