From fd58bb2bffcc0270e99951da92b64bd147a895ef Mon Sep 17 00:00:00 2001
From: Dominik Csapak
Date: Tue, 24 Apr 2018 10:15:14 +0200
Subject: [PATCH] untaint df return values since we sometimes use their length in a format string for printf
Signed-off-by: Dominik Csapak
Co-authored-by: Thomas Lamprecht
---
 src/PVE/Tools.pm | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index d5373a4..6a2dae4 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -986,10 +986,14 @@ sub df {
     my $res = eval { run_fork_with_timeout($timeout, $df) } // {};
     warn $@ if $@;
 
+    # untaint the values
+    my ($blocks, $used, $bavail) = map { defined($_) ? (/^(\d+)$/) : 0 }
+        $res->@{qw(blocks used bavail)};
+
     return {
-        total => $res->{blocks} // 0,
-        used => $res->{used} // 0,
-        avail => $res->{bavail} // 0,
+        total => $blocks,
+        used => $used,
+        avail => $bavail,
     };
 }
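Review bot: In the added `map`, a defined value that does not match `/^(\d+)$/` evaluates to an empty list rather than to 0, so the positional assignment into `($blocks, $used, $bavail)` shifts the remaining values into the wrong variables (a non-numeric `blocks` would leave `$blocks` holding the `used` value and `$bavail` undef). Each key should map to exactly one element, e.g. `my ($blocks, $used, $bavail) = map { defined($_) && /^(\d+)\z/a ? $1 : 0 } $res->@{qw(blocks used bavail)};` — `\z` also rejects the trailing newline that `$` would accept, and `/a` keeps `\d` to ASCII digits, which is what a later printf width expects. The capture still untaints the value, so the purpose of the commit is kept. The body of `df` starts outside the hunk; only its tail is visible here.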