treewide: filter shell arguments through shellquote() where applicable

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

2 files changed, 18 insertions, 11 deletions

diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/network.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/network.lua
index 33f6a67038..070a9e6167 100644
--- a/modules/luci-mod-admin-full/luasrc/controller/admin/network.lua
+++ b/modules/luci-mod-admin-full/luasrc/controller/admin/network.lua
@@ -289,7 +289,8 @@ function iface_reconnect(iface)
 	local netmd = require "luci.model.network".init()
 	local net = netmd:get_network(iface)
 	if net then
-		luci.sys.call("env -i /sbin/ifup %q >/dev/null 2>/dev/null" % iface)
+		luci.sys.call("env -i /sbin/ifup %s >/dev/null 2>/dev/null"
+			% luci.util.shellquote(iface))
 		luci.http.status(200, "Reconnected")
 		return
 	end
@@ -301,7 +302,8 @@ function iface_shutdown(iface)
 	local netmd = require "luci.model.network".init()
 	local net = netmd:get_network(iface)
 	if net then
-		luci.sys.call("env -i /sbin/ifdown %q >/dev/null 2>/dev/null" % iface)
+		luci.sys.call("env -i /sbin/ifdown %s >/dev/null 2>/dev/null"
+			% luci.util.shellquote(iface))
 		luci.http.status(200, "Shutdown")
 		return
 	end
@@ -313,7 +315,8 @@ function iface_delete(iface)
 	local netmd = require "luci.model.network".init()
 	local net = netmd:del_network(iface)
 	if net then
-		luci.sys.call("env -i /sbin/ifdown %q >/dev/null 2>/dev/null" % iface)
+		luci.sys.call("env -i /sbin/ifdown %s >/dev/null 2>/dev/null"
+			% luci.util.shellquote(iface))
 		luci.http.redirect(luci.dispatcher.build_url("admin/network/network"))
 		netmd:commit("network")
 		netmd:commit("wireless")
@@ -389,7 +392,7 @@ function diag_command(cmd, addr)
 	if addr and addr:match("^[a-zA-Z0-9%-%.:_]+$") then
 		luci.http.prepare_content("text/plain")
 
-		local util = io.popen(cmd % addr)
+		local util = io.popen(cmd % luci.util.shellquote(addr))
 		if util then
 			while true do
 				local ln = util:read("*l")
@@ -408,21 +411,21 @@ function diag_command(cmd, addr)
 end
 
 function diag_ping(addr)
-	diag_command("ping -c 5 -W 1 %q 2>&1", addr)
+	diag_command("ping -c 5 -W 1 %s 2>&1", addr)
 end
 
 function diag_traceroute(addr)
-	diag_command("traceroute -q 1 -w 1 -n %q 2>&1", addr)
+	diag_command("traceroute -q 1 -w 1 -n %s 2>&1", addr)
 end
 
 function diag_nslookup(addr)
-	diag_command("nslookup %q 2>&1", addr)
+	diag_command("nslookup %s 2>&1", addr)
 end
 
 function diag_ping6(addr)
-	diag_command("ping6 -c 5 %q 2>&1", addr)
+	diag_command("ping6 -c 5 %s 2>&1", addr)
 end
 
 function diag_traceroute6(addr)
-	diag_command("traceroute6 -q 1 -w 2 -n %q 2>&1", addr)
+	diag_command("traceroute6 -q 1 -w 2 -n %s 2>&1", addr)
 end
diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/status.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/status.lua
index 4b03a18863..3a1c169f21 100644
--- a/modules/luci-mod-admin-full/luasrc/controller/admin/status.lua
+++ b/modules/luci-mod-admin-full/luasrc/controller/admin/status.lua
@@ -62,7 +62,9 @@ end
 function action_bandwidth(iface)
 	luci.http.prepare_content("application/json")
 
-	local bwc = io.popen("luci-bwc -i '%s' 2>/dev/null" % iface:gsub("'", ""))
+	local bwc = io.popen("luci-bwc -i %s 2>/dev/null"
+		% luci.util.shellquote(iface))
+
 	if bwc then
 		luci.http.write("[")
 
@@ -80,7 +82,9 @@ end
 function action_wireless(iface)
 	luci.http.prepare_content("application/json")
 
-	local bwc = io.popen("luci-bwc -r '%s' 2>/dev/null" % iface:gsub("'", ""))
+	local bwc = io.popen("luci-bwc -r %s 2>/dev/null"
+		% luci.util.shellquote(iface))
+
 	if bwc then
 		luci.http.write("[")