@simo5 simo5 commented Aug 11, 2017

In some policy{binding} function a conversion is performed after listing,
but error checking is not properly performed on the previous listing
function return.
This can cause panics on errors.

Fixes #15747

In some policy{binding} function a conversion is performed after listing,
but error checking is not properly performed on the previous listing
function return.
This can cause panics on errors.

Fixes openshift#15747

Signed-off-by: Simo Sorce <simo@redhat.com>
@openshift-merge-robot openshift-merge-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Aug 11, 2017

@pweil- pweil- left a comment

Should ToPolicyList and the other casts also be updated to check for nil pointers? It looks like they may be used elsewhere.

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Aug 11, 2017
@openshift-merge-robot openshift-merge-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 11, 2017
@pweil- pweil- removed the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 11, 2017
@simo5

simo5 commented Aug 11, 2017

@pweil- I'm checking if there are other callers that may pass nil to them, but I do not think we should protect from nil within them.

@pweil- pweil- removed the lgtm Indicates that a PR is ready to be merged. label Aug 11, 2017
@simo5

simo5 commented Aug 11, 2017

I do not see any other place where nil could be passed in.

@smarterclayton

Looks good testing locally (had same problem, but everything worked correctly).

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Aug 11, 2017
@openshift-merge-robot

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: simo5, smarterclayton

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 11, 2017
@pweil-

pweil- commented Aug 11, 2017

@simo5 in.Items just looks unsafe to me but if this is all internal then /lgtm too

func ToPolicyList(in *ClusterPolicyList) *PolicyList {
	ret := &PolicyList{}
	for _, curr := range in.Items {

@simo5

simo5 commented Aug 11, 2017

@pweil- the contract in that interface is that you pass in a valid pointer, not nil, there is no other argument, so passing nil makes no sense anyway. I think it is better to catch misuse with a panic() in this specific case than papering it over by returning an error.
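
The failure mode this PR fixes and the pointer contract discussed above, as an added Go example that is not part of the thread or of the OpenShift code. The list types are simplified stand-ins, and `listClusterPolicies`, `ListUnchecked`, `ListChecked` and `Panicked` are hypothetical names introduced for illustration.

```go
package main

import "fmt"

// Simplified stand-ins for the list types named in the thread.
type ClusterPolicyList struct{ Items []string }
type PolicyList struct{ Items []string }

// ToPolicyList has the shape quoted above: it dereferences in without a nil guard.
func ToPolicyList(in *ClusterPolicyList) *PolicyList {
	ret := &PolicyList{}
	for _, curr := range in.Items {
		ret.Items = append(ret.Items, curr)
	}
	return ret
}

// listClusterPolicies is a hypothetical lister that returns (nil, err) on failure.
func listClusterPolicies(fail bool) (*ClusterPolicyList, error) {
	if fail {
		return nil, fmt.Errorf("storage unavailable (constructed error)")
	}
	return &ClusterPolicyList{Items: []string{"default"}}, nil
}

// ListUnchecked converts before looking at err, so a nil list reaches in.Items.
func ListUnchecked(fail bool) (*PolicyList, error) {
	list, err := listClusterPolicies(fail)
	return ToPolicyList(list), err
}

// ListChecked returns the error first; the conversion only sees a valid pointer.
func ListChecked(fail bool) (*PolicyList, error) {
	list, err := listClusterPolicies(fail)
	if err != nil {
		return nil, err
	}
	return ToPolicyList(list), nil
}

// Panicked reports whether calling f ended in a panic.
func Panicked(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return
}

func main() {
	fmt.Println(Panicked(func() { ListUnchecked(true) }), Panicked(func() { ListChecked(true) }))
}
```

With the error checked at the call site, `ToPolicyList` keeps its non-nil contract and a backend failure surfaces as an error to the caller instead of a nil dereference in the server process.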

@simo5

simo5 commented Aug 11, 2017

/retest

@simo5

simo5 commented Aug 12, 2017

/test extended_conformance_gce

@simo5

simo5 commented Aug 12, 2017

@smarterclayton the extended_conformance_gce test failed twice, but I do not see any obvious cause. Looks like a flake, but I cannot find out if we have already seen this elsewhere ...
Should we just push this in?

@simo5

simo5 commented Aug 12, 2017

/test extended_conformance_gce

@smarterclayton

smarterclayton commented Aug 12, 2017 via email

@smarterclayton

smarterclayton commented Aug 12, 2017 via email

@openshift-bot

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot

/test all [submit-queue is verifying that this PR is safe to merge]

@openshift-merge-robot

Automatic merge from submit-queue (batch tested with PRs 15657, 15748)

@openshift-merge-robot openshift-merge-robot merged commit 242826d into openshift:master Aug 13, 2017
@openshift-ci-robot

openshift-ci-robot commented Aug 13, 2017

@simo5: The following test failed, say /retest to rerun them all:

| Test name | Commit | Details | Rerun command |
| --- | --- | --- | --- |
| ci/openshift-jenkins/extended_conformance_gce | 719da77 | link | /test extended_conformance_gce |

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.


@pweil-

pweil- commented Aug 14, 2017

> catch misuse with a panic() in this specific case than papering it over by returning an error

Oh, I didn't mean return an error here. I meant that converting a nil *ClusterPolicyList should just return a nil *PolicyList. That seems like expected behavior IMO rather than a panic.

@simo5

simo5 commented Aug 14, 2017

@pweil- that code is going away, normally I would open a followup ticket, but in this case I would just ignore. (RBAC is coming and all policy stuff is going to be dropped eventually)

@enj

enj commented Aug 14, 2017

This probably needs a backport to 3.6...

openshift-merge-robot added a commit that referenced this pull request Aug 16, 2017
Automatic merge from submit-queue

Properly handle errors in policy listing

In some policy{binding} function a conversion is performed after listing,
but error checking is not properly performed on the previous listing
function return.
This can cause panics on errors.

Fixed for master, #15747 via #15748