my $mtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
die "bridge '$bridge' does not exist\n" if !$mtu;
- # avoid insecure dependency;
- die "unable to parse mtu value" if $mtu !~ /^(\d+)$/;
- $mtu = int($1);
+
+ if ($mtu =~ /^(\d+)$/) { # avoid insecure dependency (untaint)
+ $mtu = int($1);
+ } else {
+ die "unexpeted error: unable to parse mtu value '$mtu' as integer\n";
+ }
return $mtu;
};
my ($bridge, $iface, $tag, $trunks) = @_;
my $bridgemtu = read_bridge_mtu($bridge);
- eval {
- PVE::Tools::run_command(['/sbin/ip', 'link', 'set', $iface, 'mtu', $bridgemtu]);
- };
+ eval { run_command(['/sbin/ip', 'link', 'set', $iface, 'mtu', $bridgemtu]) };
# drop link local address (it can't be used when on a bridge anyway)
disable_ipv6($iface);
my ($iface, $mtu) = @_;
my $cmd = ['/sbin/ip', 'link', 'set', $iface, 'up'];
- push (@$cmd, ('mtu', $mtu)) if $mtu;
+ push @$cmd, ('mtu', $mtu) if $mtu;
eval { run_command($cmd) };
die "can't activate interface '$iface' - $@\n" if $@;
sub IP_from_cidr {
my ($cidr, $version) = @_;
- return if $cidr !~ m!^(\S+?)/(\S+)$!;
- my ($ip, $prefix) = ($1, $2);
+ my ($ip, $prefix) = $cidr =~ m!^(\S+?)/(\S+)$! or return;
my $ipobj = Net::IP->new($ip, $version);
return if !$ipobj;