From: Stefan Hanreich <s.hanreich@proxmox.com>
Date: Tue, 28 Nov 2023 08:58:57 +0000 (+0100)
Subject: dhcp: dnsmasq: untaint when deleting configuration files
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=24ab59e0af673d6804d252fbf81ca65ad7d1d1e8;p=matthieu%2Fpve-network.git

dhcp: dnsmasq: untaint when deleting configuration files

The current invocation is quite unsafe and triggers the taint mode of
Perl that is enabled for our API daemons, but not pvesh used on
cluster-wide apply.
Replacing it with dir_glob_foreach solves those issues.

Reported-By: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---

diff --git a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
index e65e973..2844943 100644
--- a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
+++ b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
@@ -234,7 +234,13 @@ CFG
 	$default_dnsmasq_config
     );
 
-    unlink glob "$config_directory/10-*.conf";
+    my @config_files = ();
+    PVE::Tools::dir_glob_foreach($config_directory, '10-.*\.conf', sub {
+	my ($file) = @_;
+	push @config_files, "$config_directory/$file";
+    });
+
+    unlink @config_files;
 }
 
 sub after_configure {