projects
/
pve-common.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c701c56
)
render_bytes: check format, untaint before calling sprintf
author
Dietmar Maurer
<dietmar@proxmox.com>
Mon, 6 Aug 2018 11:05:23 +0000
(13:05 +0200)
committer
Dietmar Maurer
<dietmar@proxmox.com>
Mon, 6 Aug 2018 11:16:44 +0000
(13:16 +0200)
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
src/PVE/CLIFormatter.pm
patch
|
blob
|
blame
|
history
diff --git
a/src/PVE/CLIFormatter.pm
b/src/PVE/CLIFormatter.pm
index dfc3679ad0a9330d1fc17d954cdeca432b934300..2c10318d3b7c8e9a2e32c0e6e10fd2c366698c4e 100644
(file)
--- a/
src/PVE/CLIFormatter.pm
+++ b/
src/PVE/CLIFormatter.pm
@@
-69,6
+69,9
@@
PVE::JSONSchema::register_renderer(
sub render_bytes {
my ($value) = @_;
+ return $value if $value !~ m/^(\d+)$/;
+ $value = int($1); # untaint for sprintf
+
my @units = qw(B KiB MiB GiB TiB PiB);
my $max_unit = 0;