Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1104184 - improper exception handling
Summary: improper exception handling
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-restapi
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.5.0
Assignee: Martin Mucha
QA Contact: Martin Mucha
URL:
Whiteboard: infra
Depends On:
Blocks: rhev3.5beta 1156165
TreeView+ depends on / blocked
 
Reported: 2014-06-03 13:01 UTC by Martin Mucha
Modified: 2016-02-10 19:24 UTC (History)
13 users (show)

Fixed In Version: ovirt-engine-3.5.0_beta
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-17 17:07:28 UTC
oVirt Team: Infra
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
oVirt gerrit 28658 master MERGED restapi: fixed logging error. Never

Description Martin Mucha 2014-06-03 13:01:46 UTC
Description of problem:
improper exception handling — printing to std.
org.ovirt.engine.api.restapi.types.MappingLocator.MethodInvokerMapper#map

Comment 1 Martin Mucha 2014-08-07 06:48:33 UTC
tested via artifically throwing exception in method
org.ovirt.engine.api.restapi.types.MappingLocator.MethodInvokerMapper#map
simulating failure of invoking Mapper via reflect api. In that case, MappingExceptionMapper is correctly invoked, producing expected output:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<fault>
    <reason>Operation Failed</reason>
</fault>

Problem is (somehow, without stacktrace) logged into engine.log

However, when different exception is thrown here, this exception is printed to the output with full stacktrace, which could be considered as coding error (user should not be interrested in stacktraces in any way) and security issue(nobody but us should be informed about details of failure), both indicate exception handling error on some toplevel class. Will be discussed and potentially addressed in separate bug. But change related to this bug works as expected.

Comment 2 Eyal Edri 2015-02-17 17:07:28 UTC
rhev 3.5.0 was released. closing.


Note You need to log in before you can comment on or make changes to this bug.