** Changed in: ossa
Status: Incomplete => Invalid
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1736920
Title:
Glance images are loaded into memory
Status in OpenStack Compute (nova):
Invalid
Status in OpenStack Security Advisory:
Invalid
Bug description:
Nova appears to be loading entire responses from glance into memory
[1]. This is generally not an issue but these responses could be an
entire images [2]. Given a large enough image, this seems like a
potential avenue for DoS, not to mention being highly inefficient.
[1]
https://github.com/openstack/nova/blob/16.0.0/nova/image/glance.py#L167-L170
[2]
https://github.com/openstack/nova/blob/16.0.0/nova/image/glance.py#L292-L295
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1736920/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
