diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:33:29 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:42 -0200 |
commit | d31ca3363dcb7b243f71118744123a5ba71665cb (patch) | |
tree | d9478b15b7a4316a10b7a9b5d4a415c272285a1c /usr/local/www/diag_arp.php | |
parent | 39ed87e54d14af2603cc66e65ac5e13a9c9843b1 (diff) | |
download | pfsense-d31ca3363dcb7b243f71118744123a5ba71665cb.zip pfsense-d31ca3363dcb7b243f71118744123a5ba71665cb.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Diffstat (limited to 'usr/local/www/diag_arp.php')
-rwxr-xr-x | usr/local/www/diag_arp.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php index c24ca62..19f74f0 100755 --- a/usr/local/www/diag_arp.php +++ b/usr/local/www/diag_arp.php @@ -249,7 +249,7 @@ function _getHostName($mac,$ip) { else if ($dhcpip[$ip]) return $dhcpip[$ip]; else{ - exec("host -W 1 $ip", $output); + exec("host -W 1 " . escapeshellarg($ip), $output); if (preg_match('/.*pointer ([A-Za-z0-9.-]+)\..*/',$output[0],$matches)) { if ($matches[1] <> $ip) return $matches[1]; |