>From 5def2a6d055fc7f0d0b957a216be7e37fb464cf8 Mon Sep 17 00:00:00 2001 From: Richard W.M. Jones Date: Fri, 22 Oct 2010 12:48:25 +0100 Subject: [PATCH 8/8] resize: Specify format of input, output disk (RHBZ#642934,CVE-2010-3851). This adds two new options: --format specifies the format of the input disk, and --output-format specified the format of the output disk. Requiring the format of the output disk seems a bit strange at first: after all, this is the disk that the virt-resize user has to create. However it is needed because we sometimes reopen this disk, after copying data over the first sector, and in theory a raw-format guest could write a qcow2 header here and have it copied to the output disk, which we would subsequently reopen. --- tools/virt-resize | 45 ++++++++++++++++++++++++++++++++++++++++++--- 1 files changed, 42 insertions(+), 3 deletions(-) diff --git a/tools/virt-resize b/tools/virt-resize index 8a71f96..8a473ca 100755 --- a/tools/virt-resize +++ b/tools/virt-resize @@ -516,6 +516,36 @@ my $quiet; Don't print the summary. +=cut + +my $format; + +=item B<--format> raw + +Specify the format of the input disk image. If this flag is not +given then it is auto-detected from the image itself. + +If working with untrusted raw-format guest disk images, you should +ensure the format is always specified. + +Note that this option I affect the output format. +See L. + +=cut + +my $output_format; + +=item B<--output-format> raw + +Specify the format of the output disk image. If this flag is not +given then it is auto-detected from the image itself. + +If working with untrusted raw-format guest disk images, you should +ensure the format is always specified. + +Note that you still need to create the output disk with the right +format. See L. + =back =cut @@ -535,6 +565,8 @@ GetOptions ("help|?" => \$help, "d|debug" => \$debug, "n|dryrun|dry-run" => \$dryrun, "q|quiet" => \$quiet, + "format=s" => \$format, + "output-format=s" => \$output_format, ) or pod2usage (2); pod2usage (1) if $help; if ($version) { @@ -562,8 +594,13 @@ sub launch_guestfs { $g = Sys::Guestfs->new (); $g->set_trace (1) if $debug; - $g->add_drive_ro ($infile); - $g->add_drive ($outfile); + my @args = ($infile); + push @args, readonly => 1; + push @args, format => $format if defined $format; + $g->add_drive_opts (@args); + @args = ($outfile); + push @args, format => $output_format if defined $output_format; + $g->add_drive_opts (@args); $g->set_progress_callback (\&progress_callback) unless $quiet; $g->launch (); } @@ -1204,7 +1241,9 @@ sub restart_appliance $g = Sys::Guestfs->new (); $g->set_trace (1) if $debug; - $g->add_drive ($outfile); + my @args = ($outfile); + push @args, format => $output_format if defined $output_format; + $g->add_drive_opts (@args); $g->launch (); # Target partitions have changed from /dev/sdb to /dev/sda, -- 1.7.3.1