From ba31c925e3e33a5a877c48a8c7bad0dece8e9c07 Mon Sep 17 00:00:00 2001
From: "CanbiZ (MickLesk)" <47820557+MickLesk@users.noreply.github.com>
Date: Fri, 26 Jun 2026 21:56:28 +0200
Subject: [PATCH] Validate kernel selection input in kernel-clean (#15414)

- Trim whitespace, skip empty tokens and reject non-numeric input so a
  malformed selection no longer feeds garbage into `sed -n "<index>p"`.
- Reject reversed ranges (start greater than end) with a clear message.
- Replace `grep | wc -l` with `grep -c` (ShellCheck SC2126).
---
 tools/pve/kernel-clean.sh | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/tools/pve/kernel-clean.sh b/tools/pve/kernel-clean.sh
index 666d8ec67..1fba4576d 100644
--- a/tools/pve/kernel-clean.sh
+++ b/tools/pve/kernel-clean.sh
@@ -55,12 +55,23 @@ read -r selected
 selected_indices=()
 IFS=',' read -r -a tokens <<<"$selected"
 for token in "${tokens[@]}"; do
+  # Strip surrounding whitespace and skip empty tokens
+  token="${token//[[:space:]]/}"
+  [ -z "$token" ] && continue
   if [[ "$token" =~ ^([0-9]+)-([0-9]+)$ ]]; then
-    for ((i = BASH_REMATCH[1]; i <= BASH_REMATCH[2]; i++)); do
+    start=${BASH_REMATCH[1]}
+    end=${BASH_REMATCH[2]}
+    if ((start > end)); then
+      echo -e "${RD}Ignoring invalid range '${token}' (start greater than end).${CL}"
+      continue
+    fi
+    for ((i = start; i <= end; i++)); do
       selected_indices+=("$i")
     done
-  else
+  elif [[ "$token" =~ ^[0-9]+$ ]]; then
     selected_indices+=("$token")
+  else
+    echo -e "${RD}Ignoring invalid selection '${token}'.${CL}"
   fi
 done
 
@@ -101,8 +112,7 @@ for kernel in "${kernels_to_remove[@]}"; do
     remaining=$(dpkg --list |
       awk '/^ii/ {print $2}' |
       grep -E "^proxmox-kernel-${minor_version}\." |
-      grep -v "^${kernel}$" |
-      wc -l)
+      grep -cv "^${kernel}$")
     if [ "$remaining" -eq 0 ]; then
       pkgs_to_remove+=("$meta")
     fi