commit 915fdbbfb82272b87cd80210943372b09351cf88
Author: Matthew Booth <email address hidden>
Date: Fri Dec 11 13:40:54 2015 +0000
Fix backing file detection in libvirt live snapshot
When doing a live snapshot, the libvirt driver creates an intermediate
qcow2 file with the same backing file as the original disk. However,
it calls qemu-img info without specifying the input format explicitly.
An authenticated user can write data to a raw disk which will cause
this code to misinterpret the disk as a qcow2 file with a
user-specified backing file on the host, and return an arbitrary host
file as the backing file.
This bug does not appear to result in a data leak in this case, but
this is hard to verify. It certainly results in corrupt output.
Reviewed: https:/ /review. openstack. org/264814 /git.openstack. org/cgit/ openstack/ nova/commit/ ?id=915fdbbfb82 272b87cd8021094 3372b09351cf88
Committed: https:/
Submitter: Jenkins
Branch: master
commit 915fdbbfb82272b 87cd80210943372 b09351cf88
Author: Matthew Booth <email address hidden>
Date: Fri Dec 11 13:40:54 2015 +0000
Fix backing file detection in libvirt live snapshot
When doing a live snapshot, the libvirt driver creates an intermediate
qcow2 file with the same backing file as the original disk. However,
it calls qemu-img info without specifying the input format explicitly.
An authenticated user can write data to a raw disk which will cause
this code to misinterpret the disk as a qcow2 file with a
user-specified backing file on the host, and return an arbitrary host
file as the backing file.
This bug does not appear to result in a data leak in this case, but
this is hard to verify. It certainly results in corrupt output.
Closes-Bug: #1524274
Change-Id: I11485f077d28f4 e97529a691e55e3 e3c0bea8872