components/openstack/glance/patches/05-CVE-2015-1881.patch
branch s11-update
changeset 4072 db0cec748ec0
4067:4be1f488dda8 4072:db0cec748ec0
       
     1 Errata patch for CVE-2015-1881
       
     2 https://review.openstack.org/156553
       
     3 git fetch https://review.openstack.org/openstack/glance refs/changes/53/156553/1 && git format-patch -1 --stdout FETCH_HEAD
       
     4 Fixed upstream and in a future release.
       
     5 ---
       
     6 From: abhishekkekane <[email protected]>
       
     7 Date: Thu, 12 Feb 2015 04:09:14 -0800
       
     8 Subject: [PATCH] Image data remains in backend for deleted image
       
     9 
       
    10 Trying to delete image created using task api (import-from) image gets
       
    11 deleted from the database, but image data remains in the backend. Import
       
    12 task does not update the location of the image and it remains None even
       
    13 image becomes active. Location entry is not added in the database in
       
    14 image_locations table.
       
    15 
       
    16 Added location information to the image before saving the image in
       
    17 the database.
       
    18 
       
    19 SecurityImpact
       
    20 
       
    21 Conflicts:
       
    22     glance/common/scripts/image_import/main.py
       
    23 
       
    24 Change-Id: Ie389de6538a9b98dc51c7d781b81b3ab10b83842
       
    25 Closes-Bug: #1420696
       
    26 (cherry picked from commit 78b5b0a9575cd5e9c4543ec0e8fd6072af1f0ebb) 
       
    27 --- glance-2014.2.2/glance/common/scripts/image_import/main.py
       
    28 +++ glance-2014.2.2/glance/common/scripts/image_import/main.py
       
    29 @@ -84,29 +84,29 @@ def import_image(image_repo, image_factory, task_input, task_id, uri):
       
    30      # NOTE: set image status to saving just before setting data
       
    31      original_image.status = 'saving'
       
    32      image_repo.save(original_image)
       
    33 -    set_image_data(original_image, uri, None)
       
    34 -
       
    35 -    # NOTE: Check if the Image is not deleted after setting the data
       
    36 -    # before setting it's status to active. We need to set the status
       
    37 -    # explicitly here using the Image object returned from image_repo .The
       
    38 -    # Image object returned from create_image method does not have appropriate
       
    39 -    # factories wrapped around it.
       
    40      image_id = original_image.image_id
       
    41 +
       
    42 +    # NOTE: Retrieving image from the database because the Image object
       
    43 +    # returned from create_image method does not have appropriate factories
       
    44 +    # wrapped around it.
       
    45      new_image = image_repo.get(image_id)
       
    46 -    if new_image.status in ['saving']:
       
    47 -        new_image.status = 'active'
       
    48 -        new_image.size = original_image.size
       
    49 -        new_image.virtual_size = original_image.virtual_size
       
    50 -        new_image.checksum = original_image.checksum
       
    51 +    set_image_data(new_image, uri, None)
       
    52 +
       
    53 +    # NOTE: Check if the Image is not deleted after setting the data
       
    54 +    # before saving the active image. Here if image status is
       
    55 +    # saving, then new_image is saved as it contains updated location,
       
    56 +    # size, virtual_size and checksum information and the status of
       
    57 +    # new_image is already set to active in set_image_data() call.
       
    58 +    image = image_repo.get(image_id)
       
    59 +    if image.status == 'saving':
       
    60 +        image_repo.save(new_image)
       
    61 +        return image_id
       
    62      else:
       
    63          msg = _LE("The Image %(image_id)s object being created by this task "
       
    64                    "%(task_id)s, is no longer in valid status for further "
       
    65                    "processing." % {"image_id": new_image.image_id,
       
    66                                     "task_id": task_id})
       
    67          raise exception.Conflict(msg)
       
    68 -    image_repo.save(new_image)
       
    69 -
       
    70 -    return image_id
       
    71  
       
    72  
       
    73  def create_image(image_repo, image_factory, image_properties, task_id):
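Review bot: The `else` branch raises `exception.Conflict` without removing the data that `set_image_data(new_image, uri, None)` has just written, so an image deleted while the import is running appears to leave its bytes in the backend. That is the same disk-consumption outcome this patch is meant to close, reached through a race instead of the missing location. Unless a caller outside the hunk cleans up, the stored data should be removed before raising, and the branch should at least carry a comment such as `# NOTE: data written by set_image_data() is still in the store here; delete it before raising`. The status check on `image` and `image_repo.save(new_image)` are also separate steps, so a delete landing between them is still saved over; a short comment naming that window would help the next reader. `import_image` begins before the hunk.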
       
    74 --- glance-2014.2.2/glance/tests/unit/common/scripts/image_import/test_main.py
       
    75 +++ glance-2014.2.2/glance/tests/unit/common/scripts/image_import/test_main.py
       
    76 @@ -56,7 +56,8 @@ class TestImageImport(test_utils.BaseTestCase):
       
    77                      image_id,
       
    78                      image_import_script.import_image(image_repo, image_factory,
       
    79                                                       task_input, None, uri))
       
    80 -                self.assertEqual('active', image.status)
       
    81 +                # Check image is in saving state before image_repo.save called
       
    82 +                self.assertEqual('saving', image.status)
       
    83                  self.assertTrue(image_repo.save.called)
       
    84                  mock_set_img_data.assert_called_once_with(image, uri, None)
       
    85                  self.assertTrue(image_repo.get.called)
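Review bot: The updated assertions only check that the status is still `'saving'` and that `image_repo.save` was called at some point, which would also pass if the object carrying the new location were never the one saved. Persisting that location is the behaviour the fix exists for. Because `set_image_data` is mocked here, consider pinning the argument of the final save with `image_repo.save.assert_called_with(image)`, assuming `image_repo.get` returns `image` in the setup, which is outside the hunk. A second case where the re-fetched image is no longer `'saving'` and `exception.Conflict` is expected would cover the security-relevant branch. The test method starts before the hunk.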