On 11/10/2017 12:38 PM, Dietmar Maurer wrote:
> This is a semantic change - you removed the regex - why?
>
As I deemed it unnecessary, we strongly control this environment
variable passed on re-exec and the usage of the old_workers keys
raise no perl tainting check, e.g., the following example:
# cat ./check-env-to-kill-taint.pl
#!/usr/bin/perl -T
use strict;
use warnings;
my $foo = $ENV{'FOO'};
my $h = {};
$h->{$_} = 1 foreach (split(':', $foo));
print "sending USR2 to " . join(' ', keys %$h) ."\n";
kill 12, keys %$h;
can be run without problems:
# FOO=1:2 ./check-env-to-kill-taint.pl
only when adding a line like:
system "echo " . join(' ', keys %$h);
I run into a tainting error.
So as the regex provided no additional value it's safe to remove
here as it provides no protection (kill refuses to do anything on
non-integers). But yeah this was really a bit overhasty for a cleanup.
>> @@ -289,11 +285,7 @@ sub setup {
>>
>> if ($restart && $self->{max_workers}) {
>> if (my $wpids = $ENV{PVE_DAEMON_WORKER_PIDS}) {
>> - foreach my $pid (split(':', $wpids)) {
>> - if ($pid =~ m/^(\d+)$/) {
>> - $self->{old_workers}->{$1} = 1;
>> - }
>> - }
>> + $self->{old_workers}->{$_} = 1 foreach (split(':', $wpids));
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
