Signed-off-by: Dietmar Maurer <diet...@proxmox.com> --- src/PVE/ACME.pm | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/PVE/ACME.pm b/src/PVE/ACME.pm index e827aa9..38a14a5 100644 --- a/src/PVE/ACME.pm +++ b/src/PVE/ACME.pm @@ -152,7 +152,9 @@ sub load { my ($self) = @_; return if $self->{loaded}; $self->{loaded} = 1; - my $data = fromjs(file_get_contents($self->{path})); + my $raw = file_get_contents($self->{path}); + if ($raw =~ m/^(.*)$/s) { $raw = $1; } # untaint + my $data = fromjs($raw); $self->{$_} = $data->{$_} for @SAVED_VALUES; if (defined(my $keystr = $data->{key})) { my $key = Crypt::OpenSSL::RSA->new_private_key($keystr); -- 2.11.0 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel