api: iso up/download: check file content
by letting it run through 'file_size_info' as 'untrusted', since that does the necessary checks. We do this so we don't accidentally up/download a file that is not a valid iso Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Reviewed-by: Fiona Ebner <f.ebner@proxmox.com> Tested-by: Fiona Ebner <f.ebner@proxmox.com>
This commit is contained in:
Dominik Csapak
committed by
Thomas Lamprecht
Thomas Lamprecht
parent
5005ff5ab9
commit
8652cb9de3
@ -2196,4 +2196,14 @@ sub get_import_metadata {
|
||||
return $plugin->get_import_metadata($scfg, $volname, $storeid);
|
||||
}
|
||||
|
||||
# dies if the content of the given path is unexpected for an ISO
|
||||
sub assert_iso_content {
|
||||
my ($path) = @_;
|
||||
|
||||
# check for things like backing image
|
||||
file_size_info($path, undef, 1);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
Reference in New Issue
Block a user