Daemon: untaint value read from ENV

author Dietmar Maurer <dietmar@proxmox.com>

Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)

committer Dietmar Maurer <dietmar@proxmox.com>

Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)
author Dietmar Maurer <dietmar@proxmox.com>
Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)
committer Dietmar Maurer <dietmar@proxmox.com>
Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)
diff --git a/data/PVE/Daemon.pm b/data/PVE/Daemon.pm

index 3d21401..b671453 100644 (file)
--- a/data/PVE/Daemon.pm
+++ b/data/PVE/Daemon.pm
@@ -366,6 +366,11 @@ sub new {
         my $lockfd = $ENV{PVE_DAEMON_LOCK_FD};
         delete $ENV{PVE_DAEMON_LOCK_FD};
  
+       if (defined($lockfd)) {
+           $lockfd =~ m/^(\d+)$/;
+           $lockfd = $1; # untaint
+       }
+
         die "please run as root\n" if !$restart && ($> != 0);
  
         die "can't create more that one PVE::Daemon" if $daemon_initialized;
author	Dietmar Maurer <dietmar@proxmox.com>
	Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)
committer	Dietmar Maurer <dietmar@proxmox.com>
	Wed, 31 Dec 2014 16:28:33 +0000 (17:28 +0100)