Daemon: untaint value read from ENV

[pve-common.git] / data / PVE / Daemon.pm

diff --git a/data/PVE/Daemon.pm b/data/PVE/Daemon.pm
index 3d214015ecbd0b329bd40d554abbd7709b706d80..b6714531c7253b8e95a03b57e91547b02b37f46d 100644 (file)
--- a/data/PVE/Daemon.pm
+++ b/data/PVE/Daemon.pm
@@ -366,6 +366,11 @@ sub new {
        my $lockfd = $ENV{PVE_DAEMON_LOCK_FD};
        delete $ENV{PVE_DAEMON_LOCK_FD};
 
+       if (defined($lockfd)) {
+           $lockfd =~ m/^(\d+)$/;
+           $lockfd = $1; # untaint
+       }
+
        die "please run as root\n" if !$restart && ($> != 0);
 
        die "can't create more that one PVE::Daemon" if $daemon_initialized;