From ee0daa88c4d2b7c9d8e3490f2bd9f5c36a08dd97 Mon Sep 17 00:00:00 2001
From: Thomas Lamprecht
Date: Mon, 12 Mar 2018 09:26:27 +0100
Subject: [PATCH] fix tainted input in backup_cfs_database

We can call this module also now over the API through pvedaemon/pveproxy which have tainting checks on. Thus we need to untaint the "read existing backups" inputs, as else this errors out here. Only triggers when over 10 backups existed already, so this does not triggers really often in the real world.

Signed-off-by: Thomas Lamprecht
---
 data/PVE/Cluster.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
index 27b1c97..fabf5bc 100644
--- a/data/PVE/Cluster.pm
+++ b/data/PVE/Cluster.pm
@@ -1762,6 +1762,7 @@ my $backup_cfs_database = sub {
 if ((my $count = scalar(@$backups)) > $maxfiles) {
 foreach my $f (@$backups[$maxfiles..$count-1]) {
+ next if $f !~ m/^(\S+)$/; # untaint
 print "delete old backup '$1'\n";
 unlink $1;
 }
-- 
2.39.2
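Review bot: The new guard `next if $f !~ m/^(\S+)$/;` accepts any string without whitespace, so it clears the taint flag without constraining what is passed to `unlink $1` two lines below. How `@$backups` is filled lies outside this hunk, so this is inferred, but if the entries are backup file paths the capture should match only that shape: the backup directory prefix and the expected file name, anchored with `\A` and `\z`, since `$` also matches before a trailing newline. Entries that fail the match are skipped silently and would never be pruned, so a `warn` on that path would make the skip visible. The result of `unlink` is also unchecked; `unlink $1 or warn "unable to delete old backup '$1' - $!\n";` would report a failed delete. The enclosing sub starts and ends outside the hunk.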