[pve-devel] [PATCH storage v6 12/12] plugin: file_size_info: don't ignore base path with whitespace
Thomas Lamprecht
t.lamprecht at proxmox.com
Sun Nov 17 16:16:11 CET 2024
Am 15.11.24 um 16:17 schrieb Dominik Csapak:
> if the base image (parent) of an image contains whitespace in it's path
> (e.g. a space), the current untainting would not match and it would seem
> there was no parent.
do we really want all spaces like newline too? Those sometimes can cause odd
things when printing to CLI or the like, so maybe just add space explicitly?
Like with: /^([ \S]+)$/
>
> Fix that by adapting the untaint regex
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> src/PVE/Storage/Plugin.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/PVE/Storage/Plugin.pm b/src/PVE/Storage/Plugin.pm
> index eed764d..761783f 100644
> --- a/src/PVE/Storage/Plugin.pm
> +++ b/src/PVE/Storage/Plugin.pm
> @@ -1031,7 +1031,7 @@ sub file_size_info {
> ($format) = ($format =~ /^(\S+)$/); # untaint
> die "format '$format' includes whitespace\n" if !defined($format);
> if (defined($parent)) {
> - ($parent) = ($parent =~ /^(\S+)$/); # untaint
> + ($parent) = ($parent =~ /^(.*)$/); # untaint
> }
> return wantarray ? ($size, $format, $used, $parent, $st->ctime) : $size;
> }
More information about the pve-devel
mailing list