OpenStack Compute (nova)

  1. Bug #1221190
  2. Comment #83

Comment 83 for bug 1221190

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/havana)

Reviewed: https://review.openstack.org/82841
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=25e761acd56d4c820273fc0245ada06c500c1637
Submitter: Jenkins
Branch: stable/havana

commit 25e761acd56d4c820273fc0245ada06c500c1637
Author: David Ripton <email address hidden>
Date: Tue Jan 28 16:38:51 2014 -0500

    Persist image format to a file, to prevent attacks based on changing it

    The attack is based on creating a raw image that looks like a qcow2
    image, and taking advantage of the code that used 'qemu-img info' to
    autodetect the image format.

    Now we store the image format to a 'disk.info' file, for Qcow2 and Raw
    images, and only autodetect for images that have never been written to
    that file.

    SecurityImpact

    Conflicts:
     nova/virt/libvirt/imagebackend.py

    Manual tweaks to some mocking in test_imagebackend.py

    Change-Id: I2016efdb3f49a44ec4d677ac596eacc97871f30a
    Co-authored-by: Nikola Dipanov <email address hidden>
    Closes-bug: #1221190