20433402 The fix for 20388250 is incomplete
authorDrew Fisher <drew.fisher@oracle.com>
Wed, 28 Jan 2015 15:28:28 -0800
changeset 3700 86697167a9fb
parent 3699 cfab3c6e04f1
child 3701 2c4a1656e035
20433402 The fix for 20388250 is incomplete
components/openstack/glance/patches/08-CVE-2015-1195.patch
--- a/components/openstack/glance/patches/08-CVE-2015-1195.patch	Wed Jan 28 13:37:34 2015 -0800
+++ b/components/openstack/glance/patches/08-CVE-2015-1195.patch	Wed Jan 28 15:28:28 2015 -0800
@@ -13,7 +13,7 @@
  store_opts = [
      cfg.ListOpt('known_stores',
                  default=[
-@@ -382,11 +384,11 @@ def validate_external_location(uri):
+@@ -382,10 +384,10 @@ def validate_external_location(uri):
      :param uri: The URI of external image location.
      :return: Whether given URI of external image location are OK.
      """
@@ -21,11 +21,7 @@
 -    valid_schemes = [scheme for scheme in location.SCHEME_TO_CLS_MAP.keys()
 -                     if scheme != 'file' and scheme != 'swift+config']
 -    return pieces.scheme in valid_schemes
-
-+    # TODO(gm): Use a whitelist of allowed schemes
++    # TODO(gm): Use a whitelist of allowed_schemes
++    known_schemes = [scheme for scheme in location.SCHEME_TO_CLS_MAP.keys()]
 +    scheme = urlparse.urlparse(uri).scheme
-+    return (scheme in get_known_schemes() and
-+            scheme not in RESTRICTED_URI_SCHEMAS)
-
- class ImageRepoProxy(glance.domain.proxy.Repo):
-
++    return (scheme in known_schemes and scheme not in RESTRICTED_URI_SCHEMAS)
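Review bot: The rewritten return in validate_external_location still decides by denylist: any scheme present in location.SCHEME_TO_CLS_MAP is accepted unless it also appears in RESTRICTED_URI_SCHEMAS, so a store scheme registered later is allowed for external locations by default. The TODO on the line above already asks for a whitelist; until that lands, a comment beside the return such as `# Fails open: every new store scheme must be reviewed against RESTRICTED_URI_SCHEMAS` would make the maintenance obligation visible. The intermediate `known_schemes` list is not needed, and on Python 2 its comprehension variable leaks into the function scope under the same name `scheme` that is assigned on the next line; `return (scheme in location.SCHEME_TO_CLS_MAP and scheme not in RESTRICTED_URI_SCHEMAS)` avoids both. The definition of RESTRICTED_URI_SCHEMAS and the start of the function body are outside this hunk, so confirm that the constant is defined in the patched module and covers every local-file and config-backed scheme.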