Lack of validation on the Flow model specified can lead to issues in the consistency checks

[viniarck]

As of now, the lack of validation in the Flow model that's used by the method _install_flows can lead to issues in the consistency checks if a wrong type is passed, for example dl_vlan is supposed to be an integer type, but accidentally if someone passes as a string the request would be accepted and cast, but it would lead issues in the consistency check when comparing the data structure.

How to reproduce

• Send this payload to /api/kytos/flow_manager/v2/flows/{{dpid}}

{
  "flows": [
    {
      "priority": 100,
      "match": {
        "in_port": 1,
        "dl_vlan": "200"
      },
      "actions": [
        {
          "action_type": "output",
          "port": 2
        }
      ]
    }
  ]
}

• Notice that in the consistency check it would detect an alien flow, since in the switch parsed from of stats the dl_vlan is an integer, but stored we have an string, and then it would try to install it again:

kytos $> 2021-11-08 12:29:39,213 - INFO [kytos.napps.kytos/flow_manager] (Thread-658) Send FlowMod from request dpid: 00:00:00:00:00:00:00:01 command: add flows_dict: {'flows': [{'prior
ity': 100, 'match': {'in_port': 1, 'dl_vlan': '200'}, 'actions': [{'action_type': 'output', 'port': 2}]}]}
2021-11-08 12:29:39,220 - INFO [kytos.napps.kytos/flow_manager] (Thread-659) Flow saved in kytos.flow.persistence.eef52dec1b3b42ddba45b42652e0df9e
kytos $>

kytos $>

kytos $> 2021-11-08 12:30:02,120 - INFO [kytos.napps.kytos/flow_manager] (Thread-806) A consistency problem was detected in switch 00:00:00:00:00:00:00:01.
2021-11-08 12:30:02,126 - INFO [kytos.napps.kytos/flow_manager] (Thread-806) Flow forwarded to switch 00:00:00:00:00:00:00:01 to be deleted. Flow: {'flows': [{'switch': '00:00:00:00:00:
00:00:01', 'table_id': 0, 'match': {'in_port': 1, 'dl_vlan': 200}, 'priority': 100, 'idle_timeout': 0, 'hard_timeout': 0, 'cookie': 0, 'id': 'f313ba49373985098e144feb03b7e574', 'stats':
 {'byte_count': 0, 'duration_sec': 22, 'duration_nsec': 865000000, 'packet_count': 0}, 'cookie_mask': 0, 'instructions': [{'instruction_type': 'apply_actions', 'actions': [{'port': 2, '
action_type': 'output'}]}]}]}
kytos $>

kytos $>

kytos $> 2021-11-08 12:31:02,115 - INFO [kytos.napps.kytos/flow_manager] (Thread-1163) A consistency problem was detected in switch 00:00:00:00:00:00:00:01.
2021-11-08 12:31:02,122 - INFO [kytos.napps.kytos/flow_manager] (Thread-1163) Flow forwarded to switch 00:00:00:00:00:00:00:01 to be installed. Flow: {'flows': [{'priority': 100, 'match
': {'in_port': 1, 'dl_vlan': '200'}, 'actions': [{'action_type': 'output', 'port': 2}]}]}
2021-11-08 12:32:02,130 - INFO [kytos.napps.kytos/flow_manager] (Thread-1501) A consistency problem was detected in switch 00:00:00:00:00:00:00:01.
2021-11-08 12:32:02,138 - INFO [kytos.napps.kytos/flow_manager] (Thread-1501) Flow forwarded to switch 00:00:00:00:00:00:00:01 to be deleted. Flow: {'flows': [{'switch': '00:00:00:00:00
:00:00:01', 'table_id': 0, 'match': {'in_port': 1, 'dl_vlan': 200}, 'priority': 100, 'idle_timeout': 0, 'hard_timeout': 0, 'cookie': 0, 'id': 'f313ba49373985098e144feb03b7e574', 'stats'
: {'byte_count': 0, 'duration_sec': 59, 'duration_nsec': 970000000, 'packet_count': 0}, 'cookie_mask': 0, 'instructions': [{'instruction_type': 'apply_actions', 'actions': [{'port': 2,
'action_type': 'output'}]}]}]}
2021-11-08 12:32:02,140 - INFO [kytos.napps.kytos/flow_manager] (Thread-1501) A consistency problem was detected in switch 00:00:00:00:00:00:00:01.
2021-11-08 12:32:02,146 - INFO [kytos.napps.kytos/flow_manager] (Thread-1501) Flow forwarded to switch 00:00:00:00:00:00:00:01 to be installed. Flow: {'flows': [{'priority': 100, 'match
': {'in_port': 1, 'dl_vlan': '200'}, 'actions': [{'action_type': 'output', 'port': 2}]}]}
kytos $>

Solution

Start validating the model in the boundaries at the rest endpoint and also in the listen_to event and pass it down ensuring the validation is all set to methods/functions that need this data structure.