yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

file_size_info: implement untrusted mode

Browse Source 
this allows checking some extra attributes for images which come from
a potentially malicious source.

since file_size_info is not part of the plugin API, no API bump is
needed. if desired, a similar check could also be implemented in
volume_size_info, which would entail bumping both APIVER and APIAGE
(since the additional parameter would make checking untrusted volumes
opt-in for external plugins).

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Reviewed-by: Fiona Ebner <f.ebner@proxmox.com>
Tested-by: Fiona Ebner <f.ebner@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
Tested-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Fabian Grünbichler
2024-11-04 11:42:20 +01:00
committed by Thomas Lamprecht
parent 1c0ebbaae5
commit bffcbe2662
2 changed files with 33 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/PVE/Storage.pm
View File

@ -233,9 +233,9 @@ sub storage_ids {
}
sub file_size_info {
my ($filename, $timeout) = @_;
my ($filename, $timeout, $untrusted) = @_;
return PVE::Storage::Plugin::file_size_info($filename, $timeout);
return PVE::Storage::Plugin::file_size_info($filename, $timeout, $untrusted);
}
sub get_volume_attribute {