From 13e1af437a00089e80392b1d23a1afa61fdedf81 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Mon, 20 Mar 2023 15:11:40 +0100 Subject: [PATCH] content path overrides: allow single dots and enforce max-lengths Allow a dot as long as its not followed by another dot and enforce max component and (a reduced) max path length checking already at schema level. Signed-off-by: Thomas Lamprecht --- PVE/Storage/Plugin.pm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/PVE/Storage/Plugin.pm b/PVE/Storage/Plugin.pm index 09f6ad2..c323085 100644 --- a/PVE/Storage/Plugin.pm +++ b/PVE/Storage/Plugin.pm @@ -355,8 +355,14 @@ PVE::JSONSchema::register_format('pve-dir-override', \&verify_dir_override); sub verify_dir_override { my ($value, $noerr) = @_; - if ($value =~ m/^([a-z]+)=[^.]+$/ && verify_content($1, $noerr)) { - return $value; + if ($value =~ m/^([a-z]+)=([^.]*(?:\.?[^.]+)+)$/) { + my ($content_type, $relative_path) = ($1, $2); + if (verify_content($content_type, $noerr)) { + # linux has 4k max-path, but limit total length to lower as its concat'd for full path + if (length($relative_path) < 1023 && !(grep { length($_) >= 255 } split('/', $relative_path))) { + return $value; + } + } } return undef if $noerr; -- 2.39.5