forked from rpms/qemu-kvm
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
72 lines
2.5 KiB
72 lines
2.5 KiB
6 months ago
|
From 59a84673079f9763e9507733e308442397aba703 Mon Sep 17 00:00:00 2001
|
||
|
From: Jon Maloy <jmaloy@redhat.com>
|
||
|
Date: Wed, 5 Jun 2024 19:56:51 -0400
|
||
|
Subject: [PATCH 3/5] iotests/270: Don't store data-file with json: prefix in
|
||
|
image
|
||
|
|
||
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||
|
RH-MergeRequest: 5: EMBARGOED CVE-2024-4467 for rhel-8.10.z (PRDSC)
|
||
|
RH-Jira: RHEL-35616
|
||
|
RH-CVE: CVE-2024-4467
|
||
|
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
|
||
|
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||
|
RH-Commit: [3/5] ac08690fd3ea3af6e24b2f6a8beedcfe469917a8
|
||
|
|
||
|
commit 705bcc2819ce8e0f8b9d660a93bc48de26413aec
|
||
|
Author: Kevin Wolf <kwolf@redhat.com>
|
||
|
Date: Thu Apr 25 14:49:40 2024 +0200
|
||
|
|
||
|
iotests/270: Don't store data-file with json: prefix in image
|
||
|
|
||
|
We want to disable filename parsing for data files because it's too easy
|
||
|
to abuse in malicious image files. Make the test ready for the change by
|
||
|
passing the data file explicitly in command line options.
|
||
|
|
||
|
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
||
|
Reviewed-by: Eric Blake <eblake@redhat.com>
|
||
|
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||
|
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
|
||
|
Upstream: N/A, embargoed
|
||
|
Signed-off-by: Hanna Czenczek <hreitz@redhat.com>
|
||
|
|
||
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||
|
---
|
||
|
tests/qemu-iotests/270 | 14 +++++++++++---
|
||
|
1 file changed, 11 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/tests/qemu-iotests/270 b/tests/qemu-iotests/270
|
||
|
index 74352342db..c37b674aa2 100755
|
||
|
--- a/tests/qemu-iotests/270
|
||
|
+++ b/tests/qemu-iotests/270
|
||
|
@@ -60,8 +60,16 @@ _make_test_img -o cluster_size=2M,data_file="$TEST_IMG.orig" \
|
||
|
# "write" 2G of data without using any space.
|
||
|
# (qemu-img create does not like it, though, because null-co does not
|
||
|
# support image creation.)
|
||
|
-$QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \
|
||
|
- "$TEST_IMG"
|
||
|
+test_img_with_null_data="json:{
|
||
|
+ 'driver': '$IMGFMT',
|
||
|
+ 'file': {
|
||
|
+ 'filename': '$TEST_IMG'
|
||
|
+ },
|
||
|
+ 'data-file': {
|
||
|
+ 'driver': 'null-co',
|
||
|
+ 'size':'4294967296'
|
||
|
+ }
|
||
|
+}"
|
||
|
|
||
|
# This gives us a range of:
|
||
|
# 2^31 - 512 + 768 - 1 = 2^31 + 255 > 2^31
|
||
|
@@ -74,7 +82,7 @@ $QEMU_IMG amend -o data_file="json:{'driver':'null-co',,'size':'4294967296'}" \
|
||
|
# on L2 boundaries, we need large L2 tables; hence the cluster size of
|
||
|
# 2 MB. (Anything from 256 kB should work, though, because then one L2
|
||
|
# table covers 8 GB.)
|
||
|
-$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$TEST_IMG" | _filter_qemu_io
|
||
|
+$QEMU_IO -c "write 768 $((2 ** 31 - 512))" "$test_img_with_null_data" | _filter_qemu_io
|
||
|
|
||
|
_check_test_img
|
||
|
|
||
|
--
|
||
|
2.39.3
|
||
|
|