[Openstack-security] [openstack/nova] SecurityImpact review request change I2016efdb3f49a44ec4d677ac596eacc97871f30a
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Mar 26 23:38:11 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/82841
Log:
commit 3ebf229abcea0c79cda0be03c7bb27d136c1f725
Author: David Ripton <dripton at redhat.com>
Date: Tue Jan 28 16:38:51 2014 -0500
Persist image format to a file, to prevent attacks based on changing it
The attack is based on creating a raw image that looks like a qcow2
image, and taking advantage of the code that used 'qemu-img info' to
autodetect the image format.
Now we store the image format to a 'disk.info' file, for Qcow2 and Raw
images, and only autodetect for images that have never been written to
that file.
SecurityImpact
Closes-bug: #1221190
Conflicts:
nova/virt/libvirt/imagebackend.py
Manual tweaks to some mocking in test_imagebackend.py
Change-Id: I2016efdb3f49a44ec4d677ac596eacc97871f30a
(cherry picked from commit 7fc3440cd3ad799a743797077aaffb0a3910d1e4)
More information about the Openstack-security
mailing list