)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":6873,"name":"Matt Riedemann","email":"mriedem.os@gmail.com","username":"mriedem"},"change_message_id":"58ebb1db5eb015ad5c70ff07fced28d17c4055f9","unresolved":false,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Make serialize_args handle exception messages safely"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"We have recently move towards handling exceptions that may be viewed"},{"line_number":10,"context_line":"by API users in a way that results in either the exc.format_message()"},{"line_number":11,"context_line":"text, or just the exception class name (without details) in order to"},{"line_number":12,"context_line":"avoid leaking sensitive information out of the API. This makes the"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"1fa4df85_ad77ca08","line":9,"range":{"start_line":9,"start_character":17,"end_line":9,"end_character":21},"updated":"2020-03-12 14:45:28.000000000","message":"moved","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"}],"nova/objects/base.py":[{"author":{"_account_id":6873,"name":"Matt Riedemann","email":"mriedem.os@gmail.com","username":"mriedem"},"change_message_id":"58ebb1db5eb015ad5c70ff07fced28d17c4055f9","unresolved":false,"context_lines":[{"line_number":330,"context_line":"    def wrapper(obj, *args, **kwargs):"},{"line_number":331,"context_line":"        args \u003d [utils.strtime(arg) if isinstance(arg, datetime.datetime)"},{"line_number":332,"context_line":"                else arg for arg in args]"},{"line_number":333,"context_line":"        for k, v in kwargs.items():"},{"line_number":334,"context_line":"            if k \u003d\u003d \u0027exc_val\u0027 and v:"},{"line_number":335,"context_line":"                try:"},{"line_number":336,"context_line":"                    # NOTE(danms): When we run this for a remotable method,"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_cd98061d","line":333,"updated":"2020-03-12 14:45:28.000000000","message":"This is only going to process exc_val as a kwarg, but I think in some of the testing on https://review.opendev.org/#/c/694428/4/nova/tests/unit/objects/test_instance_action.py we could have the same issue if the exc_val is passed in as an arg, but maybe that is not an issue because if we\u0027re going over RPC it\u0027s going to be a kwarg.\n\nThe other thing is we get in here via the EventReporter when a wrapped function raises and that *does* pass exc_val as a kwarg:\n\nhttps://github.com/openstack/nova/blob/master/nova/compute/utils.py#L1408\n\nSo this might be sufficient, I don\u0027t have all of that context from that PoC I was hacking on loaded into my head, but we\u0027ll know if this works if Brin rebases that series on top of this change and can get the TODOs in the patch resolved.","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"},{"author":{"_account_id":26458,"name":"Brin Zhang","email":"zhangbailin@inspur.com","username":"zhangbailin"},"change_message_id":"bea36e4556f95359a768501bfbd8935e224975d4","unresolved":false,"context_lines":[{"line_number":335,"context_line":"                try:"},{"line_number":336,"context_line":"                    # NOTE(danms): When we run this for a remotable method,"},{"line_number":337,"context_line":"                    # we need to attempt to format_message() the exception to"},{"line_number":338,"context_line":"                    # get the sanitized message, and if it\u0027s not a"},{"line_number":339,"context_line":"                    # NovaException, fall back to just the exception class"},{"line_number":340,"context_line":"                    # name. However, a remotable will end up calling this again"},{"line_number":341,"context_line":"                    # on the other side of the RPC call, so we must not try"},{"line_number":342,"context_line":"                    # to do that again, otherwise we will always end up with"},{"line_number":343,"context_line":"                    # just str. So, only do that if exc_val is an Exception"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_9102093e","line":340,"range":{"start_line":338,"start_character":53,"end_line":340,"end_character":26},"updated":"2020-03-15 05:51:03.000000000","message":"Yes, this way we can prevent the leakage of sensitive information.","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"},{"author":{"_account_id":6873,"name":"Matt Riedemann","email":"mriedem.os@gmail.com","username":"mriedem"},"change_message_id":"96e3c86b35d74f6723e94dcd7003340f2a9613a5","unresolved":false,"context_lines":[{"line_number":342,"context_line":"                    # to do that again, otherwise we will always end up with"},{"line_number":343,"context_line":"                    # just str. So, only do that if exc_val is an Exception"},{"line_number":344,"context_line":"                    # class."},{"line_number":345,"context_line":"                    kwargs[k] \u003d (v.format_message() if isinstance(v, Exception)"},{"line_number":346,"context_line":"                                 else v)"},{"line_number":347,"context_line":"                except Exception:"},{"line_number":348,"context_line":"                    kwargs[k] \u003d v.__class__.__name__"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_dde5e10b","line":345,"range":{"start_line":345,"start_character":69,"end_line":345,"end_character":78},"updated":"2020-03-16 21:07:54.000000000","message":"Shouldn\u0027t this be NovaException? format_message() is only on NovaExceptions and pretty much everything else is going to pass this condition right? It\u0027s just not noticed because the except block handles non-NovaException types that don\u0027t have a format_message() method.","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"c576b40e962d6ec25aa569b1f58673b0e71e4192","unresolved":false,"context_lines":[{"line_number":342,"context_line":"                    # to do that again, otherwise we will always end up with"},{"line_number":343,"context_line":"                    # just str. So, only do that if exc_val is an Exception"},{"line_number":344,"context_line":"                    # class."},{"line_number":345,"context_line":"                    kwargs[k] \u003d (v.format_message() if isinstance(v, Exception)"},{"line_number":346,"context_line":"                                 else v)"},{"line_number":347,"context_line":"                except Exception:"},{"line_number":348,"context_line":"                    kwargs[k] \u003d v.__class__.__name__"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_a076be3d","line":345,"range":{"start_line":345,"start_character":69,"end_line":345,"end_character":78},"in_reply_to":"1fa4df85_dde5e10b","updated":"2020-03-16 22:01:40.000000000","message":"No, per the comment above, this is checking for \"exception or string\" not \"exception or novaexception\".","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"},{"author":{"_account_id":6873,"name":"Matt Riedemann","email":"mriedem.os@gmail.com","username":"mriedem"},"change_message_id":"58ebb1db5eb015ad5c70ff07fced28d17c4055f9","unresolved":false,"context_lines":[{"line_number":345,"context_line":"                    kwargs[k] \u003d (v.format_message() if isinstance(v, Exception)"},{"line_number":346,"context_line":"                                 else v)"},{"line_number":347,"context_line":"                except Exception:"},{"line_number":348,"context_line":"                    kwargs[k] \u003d v.__class__.__name__"},{"line_number":349,"context_line":"            elif k \u003d\u003d \u0027exc_tb\u0027 and v and not isinstance(v, six.string_types):"},{"line_number":350,"context_line":"                kwargs[k] \u003d \u0027\u0027.join(traceback.format_tb(v))"},{"line_number":351,"context_line":"            elif isinstance(v, datetime.datetime):"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_0d4b7eb0","line":348,"updated":"2020-03-12 14:45:28.000000000","message":"Might not hurt to mention that this is the same pattern used in nova.compute.utils.exception_to_dict for recording instance faults.","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"}],"nova/tests/unit/objects/test_objects.py":[{"author":{"_account_id":6873,"name":"Matt Riedemann","email":"mriedem.os@gmail.com","username":"mriedem"},"change_message_id":"58ebb1db5eb015ad5c70ff07fced28d17c4055f9","unresolved":false,"context_lines":[{"line_number":987,"context_line":"        expected_kwargs \u003d {\u0027a\u0027: \u0027untouched\u0027, \u0027b\u0027: self.str_now,"},{"line_number":988,"context_line":"                           \u0027c\u0027: self.str_now}"},{"line_number":989,"context_line":""},{"line_number":990,"context_line":"        nonnova \u003d kwargs.pop(\u0027nonnova\u0027, None)"},{"line_number":991,"context_line":"        if nonnova:"},{"line_number":992,"context_line":"            expected_kwargs[\u0027exc_val\u0027] \u003d \u0027TestingException\u0027"},{"line_number":993,"context_line":"        else:"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_0da7fe51","line":990,"updated":"2020-03-12 14:45:28.000000000","message":"Rather than this nonnova flag couldn\u0027t you just pop exc_val and test if it\u0027s an instanceof NovaException?","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"b75f17ead10bd8ba3dff66ad9f4b1aa55d0d3dbb","unresolved":false,"context_lines":[{"line_number":987,"context_line":"        expected_kwargs \u003d {\u0027a\u0027: \u0027untouched\u0027, \u0027b\u0027: self.str_now,"},{"line_number":988,"context_line":"                           \u0027c\u0027: self.str_now}"},{"line_number":989,"context_line":""},{"line_number":990,"context_line":"        nonnova \u003d kwargs.pop(\u0027nonnova\u0027, None)"},{"line_number":991,"context_line":"        if nonnova:"},{"line_number":992,"context_line":"            expected_kwargs[\u0027exc_val\u0027] \u003d \u0027TestingException\u0027"},{"line_number":993,"context_line":"        else:"}],"source_content_type":"text/x-python","patch_set":1,"id":"1fa4df85_4d5bb653","line":990,"in_reply_to":"1fa4df85_0da7fe51","updated":"2020-03-12 14:47:00.000000000","message":"I could, I just want to be explicit so we don\u0027t get stuck in a case where we\u0027ve called through twice and make the wrong assumption ourselves.","commit_id":"2dfa7f9d1ea3cfc485e030147768329bdd6254d8"}]}