diff -r 55e409ba4e72 -r 66fd59fecd68 components/openstack/glance/patches/06-CVE-2014-9684.patch --- a/components/openstack/glance/patches/06-CVE-2014-9684.patch Fri Feb 05 11:09:10 2016 -0800 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,82 +0,0 @@ -Errata patch for CVE-2014-9684 -https://review.openstack.org/157067 -git fetch https://review.openstack.org/openstack/glance refs/changes/67/157067/3 && git format-patch -1 --stdout FETCH_HEAD -Fixed upstream and in a future release. ---- -From: Mike Fedosin -Date: Thu, 18 Sep 2014 18:07:42 +0400 -Subject: [PATCH] Initiate deletion of image files if the import was - interrupted - -If the image is deleted by appropriate API call while its content -is still being uploaded in import task in v2, an exception is raised -and it is not handled in the API code. This leads to the fact that -the uploaded image file stays in a storage and clogs it. - -There existed code that safely removes image files if the exception -occurs. - -SecurityImpact - -Conflicts: - glance/common/scripts/image_import/main.py - -Closes-Bug: 1371118 -Change-Id: I4f7d1aa103f4ce7abf4026e7097b9e76c24135fa -(cherry picked from commit 7858d4d95154c8596720365e465cca7858cfec5c) ---- glance-2014.2.2/glance/common/scripts/image_import/main.py -+++ glance-2014.2.2/glance/common/scripts/image_import/main.py -@@ -22,6 +22,7 @@ import six - from glance.api.v2 import images as v2_api - from glance.common import exception - from glance.common.scripts import utils as script_utils -+from glance.common import store_utils - from glance.common import utils as common_utils - from glance import i18n - from glance.openstack.common import excutils -@@ -92,21 +93,30 @@ def import_image(image_repo, image_factory, task_input, task_id, uri): - new_image = image_repo.get(image_id) - set_image_data(new_image, uri, None) - -- # NOTE: Check if the Image is not deleted after setting the data -- # before saving the active image. Here if image status is -- # saving, then new_image is saved as it contains updated location, -- # size, virtual_size and checksum information and the status of -- # new_image is already set to active in set_image_data() call. -- image = image_repo.get(image_id) -- if image.status == 'saving': -- image_repo.save(new_image) -- return image_id -- else: -- msg = _LE("The Image %(image_id)s object being created by this task " -- "%(task_id)s, is no longer in valid status for further " -- "processing." % {"image_id": new_image.image_id, -- "task_id": task_id}) -- raise exception.Conflict(msg) -+ try: -+ # NOTE: Check if the Image is not deleted after setting the data -+ # before saving the active image. Here if image status is -+ # saving, then new_image is saved as it contains updated location, -+ # size, virtual_size and checksum information and the status of -+ # new_image is already set to active in set_image_data() call. -+ image = image_repo.get(image_id) -+ if image.status == 'saving': -+ image_repo.save(new_image) -+ return image_id -+ else: -+ msg = _("The Image %(image_id)s object being created by this task " -+ "%(task_id)s, is no longer in valid status for further " -+ "processing.") % {"image_id": image_id, -+ "task_id": task_id} -+ raise exception.Conflict(msg) -+ except (exception.Conflict, exception.NotFound): -+ with excutils.save_and_reraise_exception(): -+ if new_image.locations: -+ for location in new_image.locations: -+ store_utils.delete_image_location_from_backend( -+ new_image.context, -+ image_id, -+ location) - - - def create_image(image_repo, image_factory, image_properties, task_id):