From 9258174a25a9f9776de649262e5d756a0622c93e Mon Sep 17 00:00:00 2001 From: James Rasell Date: Tue, 15 Nov 2022 14:09:14 +0000 Subject: [PATCH 1/2] api: ensure all request body decode error return a 400 status code. --- command/agent/acl_endpoint.go | 6 +++--- command/agent/agent_endpoint.go | 6 +++--- command/agent/namespace_endpoint.go | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/command/agent/acl_endpoint.go b/command/agent/acl_endpoint.go index fb444b4e454..9eb71121a15 100644 --- a/command/agent/acl_endpoint.go +++ b/command/agent/acl_endpoint.go @@ -73,7 +73,7 @@ func (s *HTTPServer) aclPolicyUpdate(resp http.ResponseWriter, req *http.Request // Parse the policy var policy structs.ACLPolicy if err := decodeBody(req, &policy); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } // Ensure the policy name matches @@ -244,7 +244,7 @@ func (s *HTTPServer) aclTokenUpdate(resp http.ResponseWriter, req *http.Request, // Parse the token var token structs.ACLToken if err := decodeBody(req, &token); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } // Ensure the token accessor matches @@ -311,7 +311,7 @@ func (s *HTTPServer) ExchangeOneTimeToken(resp http.ResponseWriter, req *http.Re var args structs.OneTimeTokenExchangeRequest if err := decodeBody(req, &args); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } s.parseWriteRequest(req, &args.WriteRequest) diff --git a/command/agent/agent_endpoint.go b/command/agent/agent_endpoint.go index baebe025280..898001ca8cc 100644 --- a/command/agent/agent_endpoint.go +++ b/command/agent/agent_endpoint.go @@ -509,17 +509,17 @@ func (s *HTTPServer) KeyringOperationRequest(resp http.ResponseWriter, req *http sresp, err = kmgr.ListKeys() case "install": if err := decodeBody(req, &args); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } sresp, err = kmgr.InstallKey(args.Key) case "use": if err := decodeBody(req, &args); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } sresp, err = kmgr.UseKey(args.Key) case "remove": if err := decodeBody(req, &args); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } sresp, err = kmgr.RemoveKey(args.Key) default: diff --git a/command/agent/namespace_endpoint.go b/command/agent/namespace_endpoint.go index 64f9a20ab0a..ccea00bd2b4 100644 --- a/command/agent/namespace_endpoint.go +++ b/command/agent/namespace_endpoint.go @@ -80,7 +80,7 @@ func (s *HTTPServer) namespaceUpdate(resp http.ResponseWriter, req *http.Request // Parse the namespace var namespace structs.Namespace if err := decodeBody(req, &namespace); err != nil { - return nil, CodedError(500, err.Error()) + return nil, CodedError(http.StatusBadRequest, err.Error()) } // Ensure the namespace name matches From 5ce92ea8290a89f052eb72d20425865f1d6bcfb9 Mon Sep 17 00:00:00 2001 From: James Rasell Date: Tue, 15 Nov 2022 14:12:31 +0000 Subject: [PATCH 2/2] changelog: add entry for #15252 --- .changelog/15252.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/15252.txt diff --git a/.changelog/15252.txt b/.changelog/15252.txt new file mode 100644 index 00000000000..dbc28731871 --- /dev/null +++ b/.changelog/15252.txt @@ -0,0 +1,3 @@ +```release-note:bug +api: Ensure all request body decode errors return a 400 status code +```