1467905 – Null pointer dereference when we get bad data

Bug 1467905 - Null pointer dereference when we get bad data

Summary: Null pointer dereference when we get bad data

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Service Broker
Sub Component:
Version:	3.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	3.7.0
Assignee:	Dylan Murray
QA Contact:	weiwei jiang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-07-05 13:24 UTC by Jason Montleon
Modified:	2017-11-28 22:00 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: Bad data being returned from the bootstrapped registry. Consequence: The broker fails to bootstrap and errors out due to a null pointer dereference. Fix: The broker now has logic to avoid dereferencing null pointers if the data is corrupted. Result: Broker skips image with bad data and continues.
Clone Of:
Environment:
Last Closed:	2017-11-28 22:00:15 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2017:3188	0	normal	SHIPPED_LIVE	Moderate: Red Hat OpenShift Container Platform 3.7 security, bug, and enhancement update	2017-11-29 02:34:54 UTC

Description Jason Montleon 2017-07-05 13:24:54 UTC

Description of problem:
registry.acecss.redhat.com is returning bad results at the moment. It is sending back every image on the registry despite us doing a limited search. This is causing a null pointer dereference when we try to process a label that does not exist.

Version-Release number of selected component (if applicable):
ansible-service-broker 0.9.5

How reproducible:
Always

Steps to Reproduce:
1. Use catasb to install ansible-service-broker with an rhcc registry pointing at registry.access.redhat.com


Actual results:
During bootstrap you'll see:
2017/07/05 12:55:43 http: panic serving 172.18.0.1:37326: runtime error: invalid memory address or nil pointer dereference
goroutine 6418 [running]:
net/http.(*conn).serve.func1(0xc420098200)
	/usr/lib/golang/src/net/http/server.go:1491 +0x12a
panic(0x17cf1a0, 0xc420016080)
	/usr/lib/golang/src/runtime/panic.go:458 +0x243
github.com/openshift/ansible-service-broker/pkg/apb.RHCCRegistry.imageToSpec(0xc420480010, 0x4, 0xc42026ac60, 0x22, 0xc420480040, 0x9, 0x0, 0x0, 0xc420436380, 0x15, ...)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/apb/rhcc_registry.go:130 +0x4bc
github.com/openshift/ansible-service-broker/pkg/apb.RHCCRegistry.LoadSpecs(0xc420480010, 0x4, 0xc42026ac60, 0x22, 0xc420480040, 0x9, 0x0, 0x0, 0xc420436380, 0x15, ...)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/apb/rhcc_registry.go:68 +0x256
github.com/openshift/ansible-service-broker/pkg/apb.(*RHCCRegistry).LoadSpecs(0xc420552360, 0x25befa0, 0x0, 0x0, 0x0, 0x0, 0x0)
	<autogenerated>:5 +0x89
github.com/openshift/ansible-service-broker/pkg/broker.AnsibleBroker.Bootstrap(0xc4206fd800, 0xc42026af30, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2546080, ...)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/broker/broker.go:139 +0x2c1
github.com/openshift/ansible-service-broker/pkg/broker.(*AnsibleBroker).Bootstrap(0xc420664c40, 0x0, 0x0, 0x0)
	<autogenerated>:6 +0x85
github.com/openshift/ansible-service-broker/pkg/handler.handler.bootstrap(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc42018e300, 0x0, 0x25584e0, ...)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/handler/handler.go:80 +0xad
github.com/openshift/ansible-service-broker/pkg/handler.(handler).(github.com/openshift/ansible-service-broker/pkg/handler.bootstrap)-fm(0x7f8e38ccd410, 0xc4202f1320, 0xc4209f6780, 0xc4202f1350)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/handler/handler.go:58 +0x95
github.com/openshift/ansible-service-broker/pkg/handler.createVarHandler.func1(0x7f8e38ccd410, 0xc4202f1320, 0xc4209f6780)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/handler/handler.go:42 +0x65
net/http.HandlerFunc.ServeHTTP(0xc420400460, 0x7f8e38ccd410, 0xc4202f1320, 0xc4209f6780)
	/usr/lib/golang/src/net/http/server.go:1726 +0x44
github.com/gorilla/mux.(*Router).ServeHTTP(0xc420967a70, 0x7f8e38ccd410, 0xc4202f1320, 0xc4209f6780)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/gorilla/mux/mux.go:114 +0x10d
github.com/openshift/ansible-service-broker/pkg/handler.handler.ServeHTTP(0x0, 0x0, 0x0, 0x0, 0xc42036a080, 0x9, 0x10, 0xc42018e300, 0x0, 0x25584e0, ...)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/openshift/ansible-service-broker/pkg/handler/handler.go:85 +0x52
github.com/openshift/ansible-service-broker/pkg/handler.(*handler).ServeHTTP(0xc4204b73b0, 0x7f8e38ccd410, 0xc4202f1320, 0xc4209f65a0)
	<autogenerated>:2 +0xac
github.com/gorilla/handlers.loggingHandler.ServeHTTP(0x2542200, 0xc420038010, 0x2543840, 0xc4204b73b0, 0x2552b00, 0xc420a9a0d0, 0xc4209f65a0)
	/builddir/build/BUILD/ansible-service-broker-0.9.5/src/github.com/gorilla/handlers/handlers.go:69 +0x121
github.com/gorilla/handlers.(*loggingHandler).ServeHTTP(0xc4205c57e0, 0x2552b00, 0xc420a9a0d0, 0xc4209f65a0)
	<autogenerated>:8 +0x8b
net/http.serverHandler.ServeHTTP(0xc42036a400, 0x2552b00, 0xc420a9a0d0, 0xc4209f65a0)
	/usr/lib/golang/src/net/http/server.go:2202 +0x7d
net/http.(*conn).serve(0xc420098200, 0x2553e00, 0xc4203cf940)
	/usr/lib/golang/src/net/http/server.go:1579 +0x4b7
created by net/http.(*Server).Serve
	/usr/lib/golang/src/net/http/server.go:2293 +0x44d
[2017-07-05T12:55:50.866Z] [INFO] AnsibleBroker::Bootstrap


Expected results:
We should just stop trying to process the image if the label is missing and move on.

Additional info:
I believe this is where we are getting messed up:
https://github.com/openshift/ansible-service-broker/blob/master/pkg/apb/rhcc_registry.go#L134

Comment 1 Dylan Murray 2017-07-05 15:51:44 UTC

https://github.com/openshift/ansible-service-broker/pull/258

Comment 2 Dylan Murray 2017-07-06 13:07:34 UTC

https://github.com/openshift/ansible-service-broker/pull/258

Comment 4 John Matthews 2017-07-07 10:39:09 UTC

Moving this back to MODIFIED since we have not created a build with this change yet.

Comment 11 errata-xmlrpc 2017-11-28 22:00:15 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:3188

Note You need to log in before you can comment on or make changes to this bug.