← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1177830] Re: [OSSA 2013-012] Unchecked qcow2 root disk sizes

 

** No longer affects: nova/folsom

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1177830

Title:
  [OSSA 2013-012] Unchecked qcow2 root disk sizes

Status in OpenStack Compute (Nova):
  Fix Released
Status in OpenStack Compute (nova) grizzly series:
  Fix Released
Status in OpenStack Compute (nova) havana series:
  Fix Released
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  Currently there's no check on the root disk raw sizes. A user can
  create qcow2 images with any size and upload it to glance and spawn
  instances off this file. The raw backing file created in the compute
  node will be small at first due to it being a sparse file, but will
  grow as data is written to it. This can cause the following issues.

  1. Bypass storage quota restrictions
  2. Overrun compute host disk space

  This was reproduced in Devstack using recent trunk d7e4692.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1177830/+subscriptions