summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2018-04-05 09:32:22 +0200
committerJo-Philipp Wich <jo@mein.io>2018-04-05 09:37:43 +0200
commitc0d9c4f3ce7bda19081d0da01a599bec067338a3 (patch)
treea46fcf6c6a594ad1a2ab3fe09f2e4860355a27fb /applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk
parent45cefe71f6069b088e14dd913eb382816acb945c (diff)
treewide: filter shell arguments through shellquote() where applicable
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk')
-rw-r--r--applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua12
1 files changed, 6 insertions, 6 deletions
diff --git a/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua b/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua
index 7bb47612b6..92b3afc80d 100644
--- a/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua
+++ b/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua
@@ -33,7 +33,7 @@ function diag_command(cmd, addr)
if addr and addr:match("^[a-zA-Z0-9%-%.:_]+$") then
luci.http.prepare_content("text/plain")
- local util = io.popen(cmd % addr)
+ local util = io.popen(cmd % luci.util.shellquote(addr))
if util then
while true do
local ln = util:read("*l")
@@ -52,21 +52,21 @@ function diag_command(cmd, addr)
end
function diag_ping(addr)
- diag_command("ping -c 5 -W 1 %q 2>&1", addr)
+ diag_command("ping -c 5 -W 1 %s 2>&1", addr)
end
function diag_traceroute(addr)
- diag_command("traceroute -q 1 -w 1 -n %q 2>&1", addr)
+ diag_command("traceroute -q 1 -w 1 -n %s 2>&1", addr)
end
function diag_nslookup(addr)
- diag_command("nslookup %q 2>&1", addr)
+ diag_command("nslookup %s 2>&1", addr)
end
function diag_ping6(addr)
- diag_command("ping6 -c 5 %q 2>&1", addr)
+ diag_command("ping6 -c 5 %s 2>&1", addr)
end
function diag_traceroute6(addr)
- diag_command("traceroute6 -q 1 -w 2 -n %q 2>&1", addr)
+ diag_command("traceroute6 -q 1 -w 2 -n %s 2>&1", addr)
end