Ubuntu Cloud Archive

  1. Series liberty
  2. Bug #1449062
  3. Comment #95

Comment 95 for bug 1449062

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to cinder (stable/liberty)

Reviewed: https://review.openstack.org/382573
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=455b318ced717fb38dfe40014817d78fbc47dea5
Submitter: Jenkins
Branch: stable/liberty

commit 455b318ced717fb38dfe40014817d78fbc47dea5
Author: Sean McGinnis <email address hidden>
Date: Thu Sep 22 15:31:37 2016 -0500

    Limit memory & CPU when running qemu-img info

    It was found that a modified or corrupted image file can cause a DoS
    on the host when getting image info with qemu-img.

    This uses the newer 'prlimit' parameter for oslo.concurrency execute
    to set an address space limit of 1GB and CPU time limit of 2 seconds
    when running the qemu-img info command.

    Change-Id: If5b7129b266ef065642bc7898ce9dcf93722a053
    Closes-bug: #1449062
    (cherry picked from commit 8547444775e406a50d9d26a0003e9ba6554b0d70)