[pve-devel] [PATCH firewall 1/2] fix #2005: only allow ascii port digits
Dominik Csapak
d.csapak at proxmox.com
Fri Nov 30 09:53:49 CET 2018
perl accepts non-ascii digits for \d like U+09EA
which do not work with iptables
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
src/PVE/Firewall.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index ef00d0c..035dc7e 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1049,12 +1049,12 @@ sub parse_port_name_number_or_range {
my @elements = split(/,/, $str);
die "extraneous commas in list\n" if $str ne join(',', @elements);
foreach my $item (@elements) {
- if ($item =~ m/^(\d+):(\d+)$/) {
+ if ($item =~ m/^([0-9]+):([0-9]+)$/) {
$count += 2;
my ($port1, $port2) = ($1, $2);
die "invalid port '$port1'\n" if $port1 > 65535;
die "invalid port '$port2'\n" if $port2 > 65535;
- } elsif ($item =~ m/^(\d+)$/) {
+ } elsif ($item =~ m/^([0-9]+)$/) {
$count += 1;
my $port = $1;
die "invalid port '$port'\n" if $port > 65535;
--
2.11.0
More information about the pve-devel
mailing list