Ubuntu Cloud Archive

  1. Bug #2059809
  2. Comment #326

Comment 326 for bug 2059809

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/2023.2)

Reviewed: https://review.opendev.org/c/openstack/nova/+/923285
Committed: https://opendev.org/openstack/nova/commit/0acf5ee7b5dfb6ff0f9a9745f5ad2a0ed2bf65bf
Submitter: "Zuul (22348)"
Branch: stable/2023.2

commit 0acf5ee7b5dfb6ff0f9a9745f5ad2a0ed2bf65bf
Author: Dan Smith <email address hidden>
Date: Wed Apr 17 07:06:13 2024 -0700

    Check images with format_inspector for safety

    It has been asserted that we should not be calling qemu-img info
    on untrusted files. That means we need to know if they have a
    backing_file, data_file or other unsafe configuration *before* we use
    qemu-img to probe or convert them.

    This grafts glance's format_inspector module into nova/images so we
    can use it to check the file early for safety. The expectation is that
    this will be moved to oslo.utils (or something) later and thus we will
    just delete the file from nova and change our import when that happens.

    NOTE: This includes whitespace changes from the glance version of
    format_inspector.py because of autopep8 demands.

    Change-Id: Iaefbe41b4c4bf0cf95d8f621653fdf65062aaa59
    Closes-Bug: #2059809
    (cherry picked from commit 9cdce715945619fc851ab3f43c97fab4bae4e35a)
    (cherry picked from commit f07fa55fd86726eeafcd4c0c687bc49dd4df9f4c)