* [pve-devel] [PATCH v3 manager] vzdump: verify parameters: properly verify notes-template
@ 2022-05-04 8:13 Fabian Ebner
0 siblings, 0 replies; only message in thread
From: Fabian Ebner @ 2022-05-04 8:13 UTC (permalink / raw)
To: pve-devel
instead of just checking for a newline, do a full check already.
Also do the check at the beginning of generate_notes() for consistency
and remove the check after expansion to avoid failing late for things
like '{{cl{{node}}er}}' (which can even expand to a valid variable
making the error even more confusing).
Co-developed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---
Changes from v2:
* Check early rather than injecting error into notes.
PVE/VZDump.pm | 31 +++++++++++++++++++++++++++----
1 file changed, 27 insertions(+), 4 deletions(-)
diff --git a/PVE/VZDump.pm b/PVE/VZDump.pm
index edcab696..0dbf8928 100644
--- a/PVE/VZDump.pm
+++ b/PVE/VZDump.pm
@@ -70,9 +70,32 @@ sub run_command {
PVE::Tools::run_command($cmdstr, %param, logfunc => $logfunc);
}
+my $verify_notes_template = sub {
+ my ($template) = @_;
+
+ die "contains a line feed\n" if $template =~ /\n/;
+
+ my @problematic = ();
+ while ($template =~ /\\(.)/g) {
+ my $char = $1;
+ push @problematic, "escape sequence '\\$char' at char " . (pos($template) - 2)
+ if $char !~ /^[n\\]$/;
+ }
+
+ while ($template =~ /\{\{([^\s{}]+)\}\}/g) {
+ my $var = $1;
+ push @problematic, "variable '$var' at char " . (pos($template) - length($var))
+ if $var !~ /^(cluster|guestname|node|vmid)$/;
+ }
+
+ die "found unknown: " . join(', ', @problematic) . "\n" if scalar(@problematic);
+};
+
my $generate_notes = sub {
my ($notes_template, $task) = @_;
+ $verify_notes_template->($notes_template);
+
my $info = {
cluster => PVE::Cluster::get_clinfo()->{cluster}->{name},
guestname => $task->{hostname},
@@ -92,8 +115,6 @@ my $generate_notes = sub {
my $vars = join('|', keys $info->%*);
$notes_template =~ s/\{\{($vars)\}\}/$info->{$1}/g;
- die "unexpected variable name '$1'\n" if $notes_template =~ m/\{\{([^\s}]+)\}\}/;
-
return $notes_template;
};
@@ -1325,8 +1346,10 @@ sub verify_vzdump_parameters {
$parse_prune_backups_maxfiles->($param, 'CLI parameters');
- raise_param_exc({'notes-template' => "contains a line feed"})
- if $param->{'notes-template'} && $param->{'notes-template'} =~ m/\n/;
+ if (my $template = $param->{'notes-template'}) {
+ eval { $verify_notes_template->($template); };
+ raise_param_exc({'notes-template' => $@}) if $@;
+ }
$param->{all} = 1 if (defined($param->{exclude}) && !$param->{pool});
--
2.30.2
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-05-04 8:14 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-04 8:13 [pve-devel] [PATCH v3 manager] vzdump: verify parameters: properly verify notes-template Fabian Ebner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal