diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:41 -0200 |
commit | 873c1701a8934ac9a10284fe794eb86db1cead68 (patch) | |
tree | f33e957b3983ada067702e87540caa3b273ea7e2 /etc/inc/service-utils.inc | |
parent | 4f188f54abf44ebe82c317ceee7555c7bd00e7ba (diff) | |
download | pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.zip pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Diffstat (limited to 'etc/inc/service-utils.inc')
-rw-r--r-- | etc/inc/service-utils.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index 324eae7..446f60c 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -67,7 +67,7 @@ function write_rcfile($params) { $tokill =& $params['stop']; } else if(!empty($params['executable'])) { /* just nuke the executable */ - $tokill = "/usr/bin/killall {$params['executable']}"; + $tokill = "/usr/bin/killall " . escapeshellarg($params['executable']); } else { /* make an educated guess (bad) */ $tokill = array_pop(explode('/', array_shift(explode(' ', $params['start'])))); |