From 8652cb9de3dc0b2e03ad2324a02807325f1a1f49 Mon Sep 17 00:00:00 2001
From: Dominik Csapak
Date: Mon, 18 Nov 2024 15:31:12 +0100
Subject: [PATCH] api: iso up/download: check file content by letting it run through 'file_size_info' as 'untrusted', since that does the necessary checks. We do this so we don't accidentally up/download a file that is not a valid iso
Signed-off-by: Dominik Csapak
Reviewed-by: Fiona Ebner
Tested-by: Fiona Ebner
---
 src/PVE/API2/Storage/Status.pm | 12 ++++++++++++
 src/PVE/Storage.pm | 10 ++++++++++
 2 files changed, 22 insertions(+)
diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm
index f86e5d3..47f82d7 100644
--- a/src/PVE/API2/Storage/Status.pm
+++ b/src/PVE/API2/Storage/Status.pm
@@ -510,6 +510,10 @@ __PACKAGE__->register_method ({
 die "checksum mismatch: got '$checksum_got' != expect '$checksum'\n";
 }
 }
+
+ if ($content eq 'iso') {
+ PVE::Storage::assert_iso_content($tmpfilename);
+ }
 };
 if (my $err = $@) {
 # unlinks only the temporary file from the http server
@@ -662,6 +666,14 @@ __PACKAGE__->register_method({
 $opts->{hash_required} = 1;
 }
 
+ $opts->{assert_file_validity} = sub {
+ my ($tmp_path) = @_;
+
+ if ($content eq 'iso') {
+ PVE::Storage::assert_iso_content($tmp_path);
+ }
+ };
+
 my $worker = sub {
 if ($compression) {
 die "decompression not supported for $content\n" if $content ne 'iso';
diff --git a/src/PVE/Storage.pm b/src/PVE/Storage.pm
index b876651..1c4c5cd 100755
--- a/src/PVE/Storage.pm
+++ b/src/PVE/Storage.pm
@@ -2196,4 +2196,14 @@ sub get_import_metadata {
 return $plugin->get_import_metadata($scfg, $volname, $storeid);
 }
 
+# dies if the content of the given path is unexpected for an ISO
+sub assert_iso_content {
+ my ($path) = @_;
+
+ # check for things like backing image
+ file_size_info($path, undef, 1);
+
+ return 1;
+}
+
 1;
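Review bot: The new `assert_iso_content($tmpfilename)` call at the end of the upload `eval` has no comment saying what it rejects, and the `$content eq 'iso'` gate means any other content type this handler accepts (not visible in the hunk) gets no content check; it is worth stating that this is intentional. I would add `# reject images that reference other files (e.g. a backing image) before the upload leaves the temp path` above the `if`. The check sits after the checksum comparison, so a failure should reach the existing error path that unlinks the temporary file. The `eval` starts outside the hunk, so that ordering should be confirmed against the full handler.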
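Review bot: The `assert_file_validity` callback in the second Status.pm hunk only protects downloads if the helper that receives `$opts` knows that key and calls it. A helper that predates the option would presumably ignore it and store the ISO unchecked, so this change likely needs a matching minimum version of that helper. With `$compression` set it also matters whether the callback sees the decompressed image or the compressed blob, since a compressed file would likely pass the format check whatever it expands to; the hunk does not show where the helper invokes it. A comment such as `# must run on the final (decompressed) file, before it is moved into the storage` would pin the contract. The worker closure continues outside the hunk.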
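Review bot: `assert_iso_content` discards the result of `file_size_info($path, undef, 1)`, so the assertion holds only if every failure inside that call dies; if any path returns undef instead (for example when the image cannot be inspected), the file is accepted. Checking the result closes that gap: `die "unable to verify content of '$path'\n" if !defined(file_size_info($path, undef, 1));`. The name and header comment also promise more than the body shows: it appears to reject what the untrusted mode of `file_size_info` rejects, not every file that is not an ISO image. If that is confirmed against `file_size_info`, which is outside the hunk, the comment could read `# dies if the file is in an image format that references other files; does not verify ISO structure`. The bare `undef, 1` arguments would also read better with a trailing `# default timeout, untrusted` comment, assuming that is their meaning.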