proxmox-mirrors/pve-common
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-common synced 2025-08-15 13:40:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

render_bytes: check format, untaint before calling sprintf

Browse Source 
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
This commit is contained in:
Dietmar Maurer 2018-08-06 13:05:23 +02:00
parent c701c5659e
commit a91ee28fe5
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/PVE/CLIFormatter.pm
View File

@ -69,6 +69,9 @@ PVE::JSONSchema::register_renderer(
sub render_bytes { sub render_bytes {
my ($value) = @_; my ($value) = @_;
return $value if $value !~ m/^(\d+)$/;
$value = int($1); # untaint for sprintf
my @units = qw(B KiB MiB GiB TiB PiB); my @units = qw(B KiB MiB GiB TiB PiB);
my $max_unit = 0; my $max_unit = 0;