forked from rpms/qemu-kvm
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
65 lines
2.3 KiB
65 lines
2.3 KiB
1 month ago
|
From bf01c03b0120f5ed8e54c2a30b7830901b22b893 Mon Sep 17 00:00:00 2001
|
||
|
From: Kevin Wolf <kwolf@redhat.com>
|
||
|
Date: Thu, 25 Apr 2024 14:49:40 +0200
|
||
|
Subject: [PATCH 3/4] iotests/270: Don't store data-file with json: prefix in
|
||
|
image
|
||
|
|
||
|
RH-Author: Hana Czenczek <hczenczek@redhat.com>
|
||
|
RH-MergeRequest: 1: CVE 2024-4467 (PRDSC)
|
||
|
RH-Jira: RHEL-46239
|
||
|
RH-CVE: CVE-2024-4467
|
||
|
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
|
||
|
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||
|
RH-Acked-by: Eric Blake <eblake@redhat.com>
|
||
|
RH-Commit: [3/4] 705bcc2819ce8e0f8b9d660a93bc48de26413aec
|
||
|
|
||
|
We want to disable filename parsing for data files because it's too easy
|
||
|
to abuse in malicious image files. Make the test ready for the change by
|
||
|
passing the data file explicitly in command line options.
|
||
|
|
||
|
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
||
|
Reviewed-by: Eric Blake <eblake@redhat.com>
|
||
|
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||
|
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
|
||
|
Upstream: N/A, embargoed
|
||
|
Signed-off-by: Hanna Czenczek <hreitz@redhat.com>
|
||
|
---
|
||
|
tests/qemu-iotests/270 | 14 +++++++++++---
|
||
|
1 file changed, 11 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/tests/qemu-iotests/270 b/tests/qemu-iotests/270
|
||
|
index 74352342db..c37b674aa2 100755
|
||
|
--- a/tests/qemu-iotests/270
|
||
|
+++ b/tests/qemu-iotests/270
|
||
|
@@ -60,8 +60,16 @@ _make_test_img -o cluster_size=2M,data_file="$TEST_IMG.orig" \
|
||
|
# "write" 2G of data without using any space.
|
||
|
# (qemu-img create does not like it, though, because null-co does not
|
||
|
# support image creation.)
|
||
|
-$QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \
|
||
|
- "$TEST_IMG"
|
||
|
+test_img_with_null_data="json:{
|
||
|
+ 'driver': '$IMGFMT',
|
||
|
+ 'file': {
|
||
|
+ 'filename': '$TEST_IMG'
|
||
|
+ },
|
||
|
+ 'data-file': {
|
||
|
+ 'driver': 'null-co',
|
||
|
+ 'size':'4294967296'
|
||
|
+ }
|
||
|
+}"
|
||
|
|
||
|
# This gives us a range of:
|
||
|
# 2^31 - 512 + 768 - 1 = 2^31 + 255 > 2^31
|
||
|
@@ -74,7 +82,7 @@ $QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \
|
||
|
# on L2 boundaries, we need large L2 tables; hence the cluster size of
|
||
|
# 2 MB. (Anything from 256 kB should work, though, because then one L2
|
||
|
# table covers 8 GB.)
|
||
|
-$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$TEST_IMG" | _filter_qemu_io
|
||
|
+$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$test_img_with_null_data" | _filter_qemu_io
|
||
|
|
||
|
_check_test_img
|
||
|
|
||
|
--
|
||
|
2.39.3
|
||
|
|