diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:43:18 -0200 |
commit | 46b12609e51b9b3113abc9c22a1b0ad5a2b37d11 (patch) | |
tree | 0cadd8627871d2e8f159d093852e665a02e39777 /etc/inc/pfsense-utils.inc | |
parent | 44f2ef9b486fc3e4e2a183ae157a86a9e8ac9018 (diff) | |
download | pfsense-46b12609e51b9b3113abc9c22a1b0ad5a2b37d11.zip pfsense-46b12609e51b9b3113abc9c22a1b0ad5a2b37d11.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts:
etc/inc/filter_log.inc
etc/inc/interfaces.inc
etc/inc/pfsense-utils.inc
etc/inc/pkg-utils.inc
Diffstat (limited to 'etc/inc/pfsense-utils.inc')
-rw-r--r-- | etc/inc/pfsense-utils.inc | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 0b6507e..e7aaa2b 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -350,7 +350,7 @@ function get_pfsync_interface_status($pfsyncinterface) { * add_rule_to_anchor($anchor, $rule): adds the specified rule to an anchor */ function add_rule_to_anchor($anchor, $rule, $label) { - mwexec("echo " . $rule . " | /sbin/pfctl -a " . $anchor . ":" . $label . " -f -"); + mwexec("echo " . escapeshellarg($rule) . " | /sbin/pfctl -a " . escapeshellarg($anchor) . ":" . escapeshellarg($label) . " -f -"); } /* @@ -619,7 +619,7 @@ if (!function_exists('php_check_syntax')){ if (!function_exists('php_check_syntax')){ function php_check_syntax($code_to_check, &$errormessage){ return false; - $command = "/usr/local/bin/php -l " . $code_to_check; + $command = "/usr/local/bin/php -l " . escapeshellarg($code_to_check); $output = exec_command($command); if (stristr($output, "Errors parsing") == false) { echo "false\n"; @@ -1452,7 +1452,7 @@ function add_hostname_to_watch($hostname) { if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { $domrecords = array(); $domips = array(); - exec("host -t A $hostname", $domrecords, $rethost); + exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost); if($rethost == 0) { foreach($domrecords as $domr) { $doml = explode(" ", $domr); @@ -1526,7 +1526,7 @@ function compare_hostname_to_dnscache($hostname) { if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { $domrecords = array(); $domips = array(); - exec("host -t A $hostname", $domrecords, $rethost); + exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost); if($rethost == 0) { foreach($domrecords as $domr) { $doml = explode(" ", $domr); @@ -1876,7 +1876,7 @@ function update_alias_url_data() { function process_alias_unzip($temp_filename) { if(!file_exists("/usr/local/bin/unzip")) return; - mwexec("/bin/mv {$temp_filename}/aliases {$temp_filename}/aliases.zip"); + rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.zip"); mwexec("/usr/local/bin/unzip {$temp_filename}/aliases.tgz -d {$temp_filename}/aliases/"); unlink("{$temp_filename}/aliases.zip"); $files_to_process = return_dir_as_array("{$temp_filename}/"); @@ -1893,7 +1893,7 @@ function process_alias_unzip($temp_filename) { function process_alias_tgz($temp_filename) { if(!file_exists("/usr/bin/tar")) return; - mwexec("/bin/mv {$temp_filename}/aliases {$temp_filename}/aliases.tgz"); + rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.tgz"); mwexec("/usr/bin/tar xzf {$temp_filename}/aliases.tgz -C {$temp_filename}/aliases/"); unlink("{$temp_filename}/aliases.tgz"); $files_to_process = return_dir_as_array("{$temp_filename}/"); @@ -2026,7 +2026,7 @@ function process_alias_urltable($name, $url, $freq, $forceupdate=false) { mwexec("/usr/bin/sed 's/\;.*//g' ". escapeshellarg($urltable_filename . ".tmp") . "| /usr/bin/egrep -v '^[[:space:]]*$|^#' > " . escapeshellarg($urltable_filename)); unlink_if_exists($urltable_filename . ".tmp"); } else - mwexec("/usr/bin/touch {$urltable_filename}"); + touch($urltable_filename); conf_mount_ro(); return true; } else { @@ -2119,10 +2119,10 @@ function nanobsd_update_fstab($gslice, $complete_path, $oldufs, $newufs) { $tmppath = "/tmp/{$gslice}"; $fstabpath = "/tmp/{$gslice}/etc/fstab"; - exec("/bin/mkdir {$tmppath}"); + mkdir($tmppath); exec("/sbin/fsck_ufs -y /dev/{$complete_path}"); exec("/sbin/mount /dev/ufs/{$gslice} {$tmppath}"); - exec("/bin/cp /etc/fstab {$fstabpath}"); + copy("/etc/fstab", $fstabpath); if (!file_exists($fstabpath)) { $fstab = <<<EOF @@ -2137,7 +2137,7 @@ EOF; $status = exec("sed -i \"\" \"s/pfsense{$oldufs}/pfsense{$newufs}/g\" {$fstabpath}"); } exec("/sbin/umount {$tmppath}"); - exec("/bin/rmdir {$tmppath}"); + rmdir($tmppath); return $status; } |