mirror of
https://github.com/pfsense/pfsense.git
synced 2025-10-26 11:38:35 +00:00
Escape parameters passed to shell_exec()
This commit is contained in:
parent
76c4ff0ecf
commit
45438fd3fd
@ -21,7 +21,7 @@ EOD;
|
||||
|
||||
function openntpd_get_iface_ip($iface) {
|
||||
$iface = convert_friendly_interface_to_real_interface_name($iface);
|
||||
$line = trim(shell_exec("ifconfig $iface | grep inet | grep -v inet6"));
|
||||
$line = trim(shell_exec("ifconfig " . escapeshellarg($iface) . " | grep inet | grep -v inet6"));
|
||||
list($dummy, $ip, $dummy2, $dummy3) = explode(' ', $line);
|
||||
|
||||
return $ip;
|
||||
|
||||
@ -85,7 +85,7 @@ function update_email($email)
|
||||
if(!empty($email))
|
||||
{
|
||||
// Put it in the smartd.conf file
|
||||
shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . $email . "/' /usr/local/etc/smartd.conf");
|
||||
shell_exec("/usr/bin/sed -i old 's/^DEVICESCAN.*/DEVICESCAN -H -m " . escapeshellarg($email) . "/' /usr/local/etc/smartd.conf");
|
||||
}
|
||||
// Nope
|
||||
else
|
||||
|
||||
Loading…
Reference in New Issue
Block a user