diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:41 -0200 |
commit | 873c1701a8934ac9a10284fe794eb86db1cead68 (patch) | |
tree | f33e957b3983ada067702e87540caa3b273ea7e2 /etc/inc/rrd.inc | |
parent | 4f188f54abf44ebe82c317ceee7555c7bd00e7ba (diff) | |
download | pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.zip pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Diffstat (limited to 'etc/inc/rrd.inc')
-rw-r--r-- | etc/inc/rrd.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index d09ef82..a66120a 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -37,9 +37,9 @@ function dump_rrd_to_xml($rrddatabase, $xmldumpfile) { $rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool"; if(file_exists($xmldumpfile)) - mwexec("rm {$xmldumpfile}"); + unlink($xmldumpfile); - exec("$rrdtool dump {$rrddatabase} {$xmldumpfile} 2>&1", $dumpout, $dumpret); + exec("$rrdtool dump " . escapeshellarg($rrddatabase) . " {$xmldumpfile} 2>&1", $dumpout, $dumpret); if ($dumpret <> 0) { $dumpout = implode(" ", $dumpout); log_error(sprintf(gettext('RRD dump failed exited with %1$s, the error is: %2$s'), $dumpret, $dumpout)); |