OK, so this sounds completely insane. We're going to use the format inspector to check qcow2's for the backing_file and data_file exploits, which we know occur upon image conversion, not image info, but continue to use 'qemu-img info' for every other kind of file, including qcow2's that do *not* have backing_file or data_file issues, but very well could have something else?
What I'm trying to say is that if this LP Bug is addressing the qcow2 data_file issue, the format inspector approach seems to be overkill, and if the LP Bug is supposed to address the issue that openstack is using 'qemu-img info' to look at any images at all, then it's not nearly enough. So what exactly are we trying to fix here?
OK, so this sounds completely insane. We're going to use the format inspector to check qcow2's for the backing_file and data_file exploits, which we know occur upon image conversion, not image info, but continue to use 'qemu-img info' for every other kind of file, including qcow2's that do *not* have backing_file or data_file issues, but very well could have something else?
What I'm trying to say is that if this LP Bug is addressing the qcow2 data_file issue, the format inspector approach seems to be overkill, and if the LP Bug is supposed to address the issue that openstack is using 'qemu-img info' to look at any images at all, then it's not nearly enough. So what exactly are we trying to fix here?