From 6704abc620fe52f180e7b21c2d6d7dd61a2eb3c2 Mon Sep 17 00:00:00 2001 From: Alejandro Sirgo Rica Date: Mon, 2 Sep 2024 13:44:09 +0200 Subject: live: add disk index bounds check Add disk index bounds checks for setup() and image_create(). Prevent backtrace logging when an invalid disk index is used. --- src/live/ogOperations.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'src/live') diff --git a/src/live/ogOperations.py b/src/live/ogOperations.py index 5b55422..b1571d1 100644 --- a/src/live/ogOperations.py +++ b/src/live/ogOperations.py @@ -413,7 +413,7 @@ class OgLiveOperations: def setup(self, request, ogRest): table_type = request.getType() - disk = request.getDisk() + disk = int(request.getDisk()) cache = request.getCache() cache_size = request.getCacheSize() partlist = request.getPartitionSetup() @@ -424,7 +424,10 @@ class OgLiveOperations: umount_all() umount_cache() - diskname = get_disks()[int(disk)-1] + if disk < 0 or disk > len(get_disks()): + raise OgError(f'Invalid disk number {disk}, {len(get_disks())} disks available.') + + diskname = get_disks()[disk-1] cxt = fdisk.Context(f'/dev/{diskname}', details=True) @@ -469,9 +472,9 @@ class OgLiveOperations: partition = int(part["partition"]) if fs == 'cache': - err = mkfs('ext4', int(disk), partition, label='CACHE') + err = mkfs('ext4', disk, partition, label='CACHE') else: - err = mkfs(fs, int(disk), partition) + err = mkfs(fs, disk, partition) if err == -1: raise OgError(f'Failed to format {part["partition"]} with filesystem {part["filesystem"]}') @@ -554,6 +557,9 @@ class OgLiveOperations: if ogRest.terminated: return + if disk < 0 or disk > len(get_disks()): + raise OgError(f'Invalid disk number {disk}, {len(get_disks())} disks available.') + diskname = get_disks()[disk-1] cxt = fdisk.Context(f'/dev/{diskname}', details=True) pa = None -- cgit v1.2.3-18-g5258