Fixed in master with, https://review.opendev.org/c/openstack/glance/+/871831
** Also affects: glance/zed Importance: Undecided Status: Fix Committed ** Also affects: glance/xena Importance: Undecided Status: New ** Also affects: glance/yoga Importance: Undecided Status: New ** Changed in: glance/zed Status: Fix Committed => New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/2006490 Title: Limit CaptureRegion sizes in format_inspector for VMDK and VHDX Status in Glance: In Progress Status in Glance xena series: New Status in Glance yoga series: New Status in Glance zed series: In Progress Bug description: VMDK: When parsing a VMDK file to calculate its size, the format_inspector determines the location of the Descriptor section by reading two uint64 from the headers of the file and uses them to create the descriptor CaptureRegion. It would be possible to craft a VMDK file that commands the format_inspector to create a very big CaptureRegion, thus exhausting resources on the glance-api process. VHDX: It is a bit more involved, but similar: when looking for the VIRTUAL_DISK_SIZE metadata, the format_inspector was creating an unbounded CaptureRegion. To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/2006490/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp