Suggested-by: Fabian Grünbichler <f.gruenbich...@proxmox.com> Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> ---
No changes in v4. NOTE: actual checking being done depends on Fabian's hardening patches: https://lore.proxmox.com/pve-devel/20241104104221.228730-1-f.gruenbich...@proxmox.com/ PVE/QemuServer.pm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm index 8beb8940..3f0e06a7 100644 --- a/PVE/QemuServer.pm +++ b/PVE/QemuServer.pm @@ -7388,6 +7388,12 @@ sub restore_external_archive { $backup_provider->restore_vm_volume_init($volname, $storeid, $d->{devname}, {}); my $source_path = $info->{'qemu-img-path'} or die "did not get source image path from backup provider\n"; + + print "importing drive '$d->{devname}' from '$source_path'\n"; + + # safety check for untrusted source image + PVE::Storage::file_size_info($source_path, undef, 1); + eval { qemu_img_convert( $source_path, $d->{volid}, $d->{size}, undef, 0, $options->{bwlimit}); -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel