Bad/hacky function/args finding and calling #10

Open
harlowja opened this Issue May 6, 2012 · 0 comments

Comments

Projects
None yet
1 participant
Contributor

harlowja commented May 6, 2012

Instead of supporting EC2 parsers+validators and EC2 output formatters it seems like there is some weird python hack that dynamically converts a input param into a function call, or at least it is attempted.

See: https://github.com/openstack/nova/blob/stable/essex/nova/api/ec2/apirequest.py#L58

This seems like a very odd hack.

Also the same goes with that functions args (if a function is found) where this EC2 layer just basically blindly converts request parameters into function arguments instead of doing proper validation.

https://github.com/openstack/nova/blob/stable/essex/nova/api/ec2/apirequest.py#L71

This seems like a very odd hack.

From a security standpoint and from a odd hack point of view, these seem bad...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment