diff options
author | Jo-Philipp Wich <jo@mein.io> | 2018-04-05 09:32:22 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2018-04-05 09:37:43 +0200 |
commit | c0d9c4f3ce7bda19081d0da01a599bec067338a3 (patch) | |
tree | a46fcf6c6a594ad1a2ab3fe09f2e4860355a27fb /applications/luci-app-freifunk-diagnostics/luasrc/controller | |
parent | 45cefe71f6069b088e14dd913eb382816acb945c (diff) |
treewide: filter shell arguments through shellquote() where applicable
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications/luci-app-freifunk-diagnostics/luasrc/controller')
-rw-r--r-- | applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua b/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua index 7bb47612b6..92b3afc80d 100644 --- a/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua +++ b/applications/luci-app-freifunk-diagnostics/luasrc/controller/freifunk/diag.lua @@ -33,7 +33,7 @@ function diag_command(cmd, addr) if addr and addr:match("^[a-zA-Z0-9%-%.:_]+$") then luci.http.prepare_content("text/plain") - local util = io.popen(cmd % addr) + local util = io.popen(cmd % luci.util.shellquote(addr)) if util then while true do local ln = util:read("*l") @@ -52,21 +52,21 @@ function diag_command(cmd, addr) end function diag_ping(addr) - diag_command("ping -c 5 -W 1 %q 2>&1", addr) + diag_command("ping -c 5 -W 1 %s 2>&1", addr) end function diag_traceroute(addr) - diag_command("traceroute -q 1 -w 1 -n %q 2>&1", addr) + diag_command("traceroute -q 1 -w 1 -n %s 2>&1", addr) end function diag_nslookup(addr) - diag_command("nslookup %q 2>&1", addr) + diag_command("nslookup %s 2>&1", addr) end function diag_ping6(addr) - diag_command("ping6 -c 5 %q 2>&1", addr) + diag_command("ping6 -c 5 %s 2>&1", addr) end function diag_traceroute6(addr) - diag_command("traceroute6 -q 1 -w 2 -n %q 2>&1", addr) + diag_command("traceroute6 -q 1 -w 2 -n %s 2>&1", addr) end |