yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(remote) export: check and untaint format

Browse Source 
this format comes from the remote cluster, so it might not be supported
on the source side - checking whether it's known (as additional
safeguard) and untainting (to avoid open3 failure) is required.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 [ T: squashed in canonical perl array ref access ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Fabian Grünbichler
2022-09-28 14:50:59 +02:00
committed by Thomas Lamprecht
parent 47d1125bfe
commit 71460c8ace
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
PVE/CLI/pvesm.pm
View File

@ -30,8 +30,6 @@ use PVE::CLIHandler;
use base qw(PVE::CLIHandler);
my $KNOWN_EXPORT_FORMATS = ['raw+size', 'tar+size', 'qcow2+size', 'vmdk+size', 'zfs', 'btrfs'];
my $nodename = PVE::INotify::nodename();
sub param_mapping {
@ -269,7 +267,7 @@ __PACKAGE__->register_method ({
format => {
description => "Export stream format",
type => 'string',
enum => $KNOWN_EXPORT_FORMATS,
enum => $PVE::Storage::KNOWN_EXPORT_FORMATS,
},
filename => {
description => "Destination file name",
@ -355,7 +353,7 @@ __PACKAGE__->register_method ({
format => {
description => "Import stream format",
type => 'string',
enum => $KNOWN_EXPORT_FORMATS,
enum => $PVE::Storage::KNOWN_EXPORT_FORMATS,
},
filename => {
description => "Source file name. For '-' stdin is used, the " .