[pve-devel] [PATCH RFC container] include custom lxc options when displaying config

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed Jun 15 13:47:08 CEST 2016


comments inline

> Dietmar Maurer <dietmar at proxmox.com> hat am 15. Juni 2016 um 12:27 geschrieben:
> 
> 
> comments inline
> 
> ...
> > diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm
> > index ca87229..748ace3 100755
> > --- a/src/PVE/CLI/pct.pm
> > +++ b/src/PVE/CLI/pct.pm
> > @@ -542,12 +542,22 @@ our $cmddef = {
> >  		    my $config = shift;
> >  		    foreach my $k (sort (keys %$config)) {
> >  			next if $k eq 'digest';
> > +			next if $k eq 'lxc';
> >  			my $v = $config->{$k};
> >  			if ($k eq 'description') {
> >  			    $v = PVE::Tools::encode_text($v);
> >  			}
> >  			print "$k: $v\n";
> >  		    }
> > +		    if (defined($config->{'lxc'})) {
> > +			my $lxc_list = $config->{'lxc'};
> > +			foreach my $lxc_opt (@$lxc_list) {
> > +			    if (@$lxc_opt == 2) {
> 
> why is above test required? AFAIK we always do:
> 
>  push @{$conf->{lxc}}, [$key, $value];

in case this is ever changed? erring on the side of caution, but can be dropped...

> 
> > +				my $v = PVE::Tools::encode_text(@$lxc_opt[1]);
> 
> why do you call PVE::Tools::encode_text() here?

because this is an unvalidated, user provided value that is printed to the shell/terminal (we do the same for the description). I can't think of anything really dangerous atm, but you can at least hide stuff (for example, lines or parts of lines) using terminal escape sequences.



More information about the pve-devel mailing list