5
0
mirror of git://git.proxmox.com/git/pve-common.git synced 2024-12-22 21:33:47 +03:00

render_bytes: avoid untaint by simply change the sprintf call

There is no need to untaint if we do it this way (no idea why).
This commit is contained in:
Dietmar Maurer 2018-08-06 13:36:23 +02:00
parent a91ee28fe5
commit 3496d4bf4d

View File

@ -69,9 +69,6 @@ PVE::JSONSchema::register_renderer(
sub render_bytes {
my ($value) = @_;
return $value if $value !~ m/^(\d+)$/;
$value = int($1); # untaint for sprintf
my @units = qw(B KiB MiB GiB TiB PiB);
my $max_unit = 0;
@ -79,8 +76,8 @@ sub render_bytes {
$max_unit = int(log($value)/log(1024));
$value /= 1024**($max_unit);
}
return sprintf "%.2f $units[$max_unit]", $value;
my $unit = $units[$max_unit];
return sprintf "%.2f $unit", $value;
}
PVE::JSONSchema::register_renderer('bytes', \&render_bytes);