diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:43:18 -0200 |
commit | 46b12609e51b9b3113abc9c22a1b0ad5a2b37d11 (patch) | |
tree | 0cadd8627871d2e8f159d093852e665a02e39777 /etc/inc/openvpn.attributes.php | |
parent | 44f2ef9b486fc3e4e2a183ae157a86a9e8ac9018 (diff) | |
download | pfsense-46b12609e51b9b3113abc9c22a1b0ad5a2b37d11.zip pfsense-46b12609e51b9b3113abc9c22a1b0ad5a2b37d11.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts:
etc/inc/filter_log.inc
etc/inc/interfaces.inc
etc/inc/pfsense-utils.inc
etc/inc/pkg-utils.inc
Diffstat (limited to 'etc/inc/openvpn.attributes.php')
-rw-r--r-- | etc/inc/openvpn.attributes.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/openvpn.attributes.php b/etc/inc/openvpn.attributes.php index 2f7e121..31ec7f5 100644 --- a/etc/inc/openvpn.attributes.php +++ b/etc/inc/openvpn.attributes.php @@ -179,7 +179,7 @@ $rules = parse_cisco_acl($attributes); if (!empty($rules)) { $pid = posix_getpid(); @file_put_contents("/tmp/ovpn_{$pid}{$common_name}.rules", $rules); - mwexec("/sbin/pfctl -a \"openvpn/{$common_name}\" -f {$g['tmp_path']}/ovpn_{$pid}{$common_name}.rules"); + mwexec("/sbin/pfctl -a \"openvpn/" . escapeshellarg($common_name) . "\" -f {$g['tmp_path']}/ovpn_{$pid}" . escapeshellarg($common_name) . ".rules"); @unlink("{$g['tmp_path']}/ovpn_{$pid}{$common_name}.rules"); } |