From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH v6 storage 1/1] (remote) export: check and untaint format
Date: Wed, 28 Sep 2022 14:50:59 +0200 [thread overview]
Message-ID: <20220928125059.1139296-14-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20220928125059.1139296-1-f.gruenbichler@proxmox.com>
this format comes from the remote cluster, so it might not be supported
on the source side - checking whether it's known (as additional
safeguard) and untainting (to avoid open3 failure) is required.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
Notes:
v6: new
PVE/CLI/pvesm.pm | 6 ++----
PVE/Storage.pm | 9 +++++++++
2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/PVE/CLI/pvesm.pm b/PVE/CLI/pvesm.pm
index 003b019..9b9676b 100755
--- a/PVE/CLI/pvesm.pm
+++ b/PVE/CLI/pvesm.pm
@@ -30,8 +30,6 @@ use PVE::CLIHandler;
use base qw(PVE::CLIHandler);
-my $KNOWN_EXPORT_FORMATS = ['raw+size', 'tar+size', 'qcow2+size', 'vmdk+size', 'zfs', 'btrfs'];
-
my $nodename = PVE::INotify::nodename();
sub param_mapping {
@@ -269,7 +267,7 @@ __PACKAGE__->register_method ({
format => {
description => "Export stream format",
type => 'string',
- enum => $KNOWN_EXPORT_FORMATS,
+ enum => $PVE::Storage::KNOWN_EXPORT_FORMATS,
},
filename => {
description => "Destination file name",
@@ -355,7 +353,7 @@ __PACKAGE__->register_method ({
format => {
description => "Import stream format",
type => 'string',
- enum => $KNOWN_EXPORT_FORMATS,
+ enum => $PVE::Storage::KNOWN_EXPORT_FORMATS,
},
filename => {
description => "Source file name. For '-' stdin is used, the " .
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index b9c53a1..ce61fee 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -48,6 +48,8 @@ use constant APIVER => 10;
# see https://www.gnu.org/software/libtool/manual/html_node/Libtool-versioning.html
use constant APIAGE => 1;
+our $KNOWN_EXPORT_FORMATS = ['raw+size', 'tar+size', 'qcow2+size', 'vmdk+size', 'zfs', 'btrfs'];
+
# load standard plugins
PVE::Storage::DirPlugin->register();
PVE::Storage::LVMPlugin->register();
@@ -1949,6 +1951,13 @@ sub volume_import_start {
sub volume_export_start {
my ($cfg, $volid, $format, $log, $opts) = @_;
+ my $known_format = [ grep { $_ eq $format } $KNOWN_EXPORT_FORMATS->@* ];
+ if (!$known_format->@*) {
+ die "Cannot export '$volid' using unknown export format '$format'\n";
+ }
+
+ $format = ($known_format->@*)[0];
+
my $run_command_params = delete $opts->{cmd} // {};
my $cmds = $volume_export_prepare->($cfg, $volid, $format, $log, $opts);
--
2.30.2
next prev parent reply other threads:[~2022-09-28 12:51 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-28 12:50 [pve-devel] [PATCH-SERIES v6 0/13] remote migration Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 access-control 1/1] privs: add Sys.Incoming Fabian Grünbichler
2022-11-07 15:38 ` [pve-devel] applied: " Thomas Lamprecht
2022-09-28 12:50 ` [pve-devel] [PATCH v6 common 1/1] schema: take over 'pve-targetstorage' option Fabian Grünbichler
2022-11-07 15:31 ` [pve-devel] applied: " Thomas Lamprecht
2022-09-28 12:50 ` [pve-devel] [PATCH v6 container 1/3] migration: add remote migration Fabian Grünbichler
2022-10-03 13:22 ` [pve-devel] [PATCH FOLLOW-UP " Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 container 2/3] pct: add 'remote-migrate' command Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 container 3/3] migrate: print mapped volume in error Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 docs 1/1] pveum: mention Sys.Incoming privilege Fabian Grünbichler
2022-11-07 15:45 ` [pve-devel] applied: " Thomas Lamprecht
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 1/6] schema: move 'pve-targetstorage' to pve-common Fabian Grünbichler
2022-11-07 15:31 ` [pve-devel] applied: " Thomas Lamprecht
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 2/6] mtunnel: add API endpoints Fabian Grünbichler
2022-09-30 11:52 ` Stefan Hanreich
2022-10-03 7:11 ` Fabian Grünbichler
2022-10-03 13:22 ` [pve-devel] [PATCH FOLLOW-UP " Fabian Grünbichler
2022-10-18 6:23 ` [pve-devel] [PATCH " DERUMIER, Alexandre
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 3/6] migrate: refactor remote VM/tunnel start Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 4/6] migrate: add remote migration handling Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 5/6] api: add remote migrate endpoint Fabian Grünbichler
2022-09-28 12:50 ` [pve-devel] [PATCH v6 qemu-server 6/6] qm: add remote-migrate command Fabian Grünbichler
2022-10-17 14:40 ` DERUMIER, Alexandre
2022-10-18 6:39 ` Thomas Lamprecht
2022-10-18 6:56 ` DERUMIER, Alexandre
2022-10-17 17:22 ` DERUMIER, Alexandre
2022-09-28 12:50 ` Fabian Grünbichler [this message]
2022-09-29 12:39 ` [pve-devel] applied: [PATCH v6 storage 1/1] (remote) export: check and untaint format Thomas Lamprecht
2022-10-04 15:29 ` [pve-devel] [PATCH-SERIES v6 0/13] remote migration DERUMIER, Alexandre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220928125059.1139296-14-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.