applied, thanks.
___
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> changes from v1:
> renamed function to verify_*
> added check for ../ at the beginning
> cleaned up regex (\.)? -> \.?
Can/should we add further restrictions to the allowed charset?
We currently have format 'pve-volume-id', which use
if ($volid =~
changes from v1:
renamed function to verify_*
added check for ../ at the beginning
cleaned up regex (\.)? -> \.?
currently we sanitize mountpoints with sanitize_mountpoint, which
tries to remove dots, double-dots and multiple slashes, but it does it
not correctly (e.g. /test/././ gets truncated
> On February 4, 2016 at 4:52 PM Dietmar Maurer wrote:
>
>
> > > with the new behaviour, we don't need sanitize_mountpoint anymore:
> > >
> > > Signed-off-by: Dominik Csapak
> >
> > Acked-by: Wolfgang Bumiller
>
> This
On Thu, Feb 04, 2016 at 01:40:15PM +0100, Dominik Csapak wrote:
> changes from v1:
> renamed function to verify_*
> added check for ../ at the beginning
> cleaned up regex (\.)? -> \.?
>
>
> currently we sanitize mountpoints with sanitize_mountpoint, which
> tries to remove dots, double-dots and
> > with the new behaviour, we don't need sanitize_mountpoint anymore:
> >
> > Signed-off-by: Dominik Csapak
>
> Acked-by: Wolfgang Bumiller
This looks potentially dangerous to me. Is there a reason (bug) for that
change? Or is this just a