[pve-devel] applied: [PATCH storage] ZFSPlugin: untaint lun number

Thomas Lamprecht t.lamprecht at proxmox.com
Fri Oct 9 18:07:46 CEST 2020


On 09.10.20 17:13, Stoiko Ivanov wrote:
> ZFS over iSCSI fetches information about the disk-images via ssh, thus
> the obtainted data is tainted (perlsec (1)).
> 
> Since pvedaemon runs with '-T' enabled trying to start a VM via GUI/API failed,
> while it still worked via `qm` or `pvesh`.
> 
> The issue surfaced after commit cb9db10c1a9855cf40ff13e81f9dd97d6a9b2698 in
> pve-common ('run_command: improve performance for logging and long lines'),
> and results from concatenating the original (tainted) buffer to a variable,
> instead of a captured subgroup.
> 
> Untainting the value in ZFSPlugin should not cause any regressiosn, since the
> other 3 target providers already have a match on '\d+' for retrieving the
> lun number.
> 
> reported via pve-user [0].
> 
> reproduced and tested by setting up a LIO-target (on top of a virtual PVE),
> adding it as storage and trying to start a guest (with a disk on the
> ZFS over iSCSI storage) with `perl -T /usr/sbin/qm start $vmid`
> 
> [0] https://lists.proxmox.com/pipermail/pve-user/2020-October/172055.html
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
>  PVE/Storage/ZFSPlugin.pm | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
>

applied, thanks!





More information about the pve-devel mailing list