[pve-devel] [PATCH storage v4 1/1] import: allow upload of guest images files into import storage
Dominik Csapak
d.csapak at proxmox.com
Wed Mar 26 16:26:05 CET 2025
so users can upload qcow2/raw/vmdk files directly in the ui
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
changes from v3:
* also allow vmdk and raw
src/PVE/API2/Storage/Status.pm | 17 ++++++++++++++++-
src/PVE/Storage.pm | 3 ++-
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm
index c854b53..b23d283 100644
--- a/src/PVE/API2/Storage/Status.pm
+++ b/src/PVE/API2/Storage/Status.pm
@@ -456,6 +456,7 @@ __PACKAGE__->register_method ({
my $path;
my $isOva = 0;
+ my $imageFormat;
if ($content eq 'iso') {
if ($filename !~ m![^/]+$PVE::Storage::ISO_EXT_RE_0$!) {
@@ -472,7 +473,12 @@ __PACKAGE__->register_method ({
raise_param_exc({ filename => "invalid filename or wrong extension" });
}
- $isOva = 1;
+ if ($filename =~ m/\.ova$/) {
+ $isOva = 1;
+ } elsif ($filename =~ m/${PVE::Storage::UPLOAD_IMPORT_IMAGE_EXT_RE_1}$/) {
+ $imageFormat = $1;
+ }
+
$path = PVE::Storage::get_import_dir($cfg, $storage);
} else {
raise_param_exc({ content => "upload content type '$content' not allowed" });
@@ -543,6 +549,9 @@ __PACKAGE__->register_method ({
if ($isOva) {
assert_ova_contents($tmpfilename);
+ } elsif (defined($imageFormat)) {
+ # checks untrusted image
+ PVE::Storage::file_size_info($tmpfilename, 10, $imageFormat, 1);
}
};
if (my $err = $@) {
@@ -667,6 +676,7 @@ __PACKAGE__->register_method({
my $path;
my $isOva = 0;
+ my $imageFormat;
if ($content eq 'iso') {
if ($filename !~ m![^/]+$PVE::Storage::ISO_EXT_RE_0$!) {
@@ -685,6 +695,8 @@ __PACKAGE__->register_method({
if ($filename =~ m/\.ova$/) {
$isOva = 1;
+ } elsif ($filename =~ m/${PVE::Storage::UPLOAD_IMPORT_IMAGE_EXT_RE_1}$/) {
+ $imageFormat = $1;
}
$path = PVE::Storage::get_import_dir($cfg, $storage);
@@ -717,6 +729,9 @@ __PACKAGE__->register_method({
if ($isOva) {
assert_ova_contents($tmp_path);
+ } elsif (defined($imageFormat)) {
+ # checks untrusted image
+ PVE::Storage::file_size_info($tmp_path, 10, $imageFormat, 1);
}
};
diff --git a/src/PVE/Storage.pm b/src/PVE/Storage.pm
index c5d4ff8..09d9883 100755
--- a/src/PVE/Storage.pm
+++ b/src/PVE/Storage.pm
@@ -116,7 +116,8 @@ our $BACKUP_EXT_RE_2 = qr/\.(tgz|(?:tar|vma)(?:\.(${\PVE::Storage::Plugin::COMPR
our $IMPORT_EXT_RE_1 = qr/\.(ova|ovf|qcow2|raw|vmdk)/;
-our $UPLOAD_IMPORT_EXT_RE_1 = qr/\.(ova)/;
+our $UPLOAD_IMPORT_EXT_RE_1 = qr/\.(ova|qcow2|raw|vmdk)/;
+our $UPLOAD_IMPORT_IMAGE_EXT_RE_1 = qr/\.(qcow2|raw|vmdk)/;
our $SAFE_CHAR_CLASS_RE = qr/[a-zA-Z0-9\-\.\+\=\_]/;
our $SAFE_CHAR_WITH_WHITESPACE_CLASS_RE = qr/[ a-zA-Z0-9\-\.\+\=\_]/;
--
2.39.5
More information about the pve-devel
mailing list