[pve-devel] [PATCH storage 3/3] migrate: insecure: untaint the received ip/port
Wolfgang Bumiller
w.bumiller at proxmox.com
Tue Jun 6 10:04:03 CEST 2017
---
PVE/Storage.pm | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index 5f6650d..f952c8a 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -672,9 +672,8 @@ sub storage_migrate {
if ($insecure) {
my $pid = open(my $info, '-|', @$recv)
or die "receive command failed: $!\n";
- my $ip = <$info> // die "no tunnel IP received\n";
- my $port = <$info> // die "no tunnel port received\n";
- chomp($ip, $port);
+ my ($ip) = <$info> =~ /^($PVE::Tools::IPRE)$/ or die "no tunnel IP received\n";
+ my ($port) = <$info> =~ /^(\d+)$/ or die "no tunnel port received\n";
my $socket = IO::Socket::IP->new(PeerHost => $ip, PeerPort => $port, Type => SOCK_STREAM)
or die "failed to connect to tunnel at $ip:$port\n";
run_command([$send, @cstream], output => '>&'.fileno($socket));
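Review bot: The port pattern on the added `my ($port) = <$info> =~ /^(\d+)$/` line untaints any run of digits, so values such as `0` or `99999999` pass and only fail later in `IO::Socket::IP->new` with the generic connect error. Untainting is where this value from the receive command becomes trusted, so I would bound it there, e.g. `/^(\d{1,5})$/` followed by `die "invalid tunnel port '$port'\n" if $port < 1 || $port > 65535;`. Separately, on both added lines an EOF makes `<$info>` return undef, which is then matched against the regex (an uninitialized-value warning if warnings are enabled in this file) and dies with the same message as a malformed line. Keeping the `// die` on the read and using a distinct message for a failed match would tell the two cases apart. `storage_migrate` starts and continues outside this hunk.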
--
2.11.0