projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fdc8c1b) | patch
ddns-scripts: sanitize host charset and shell escape characters 6562/head
authorKarl Vogel <karl.vogel@gmail.com>
Mon, 23 Jul 2018 08:52:42 +0000 (10:52 +0200)
committerKarl Vogel <karl.vogel@gmail.com>
Wed, 25 Jul 2018 06:18:46 +0000 (08:18 +0200)
commit9e79e1b668e010584b28cd771d0b97d5e5c50e99
tree6ee8218cbff8635a71e99f66047d97441003a366tree | snapshot
parentfdc8c1b178d2718dd974066b875f6497d83810d4commit | diff
ddns-scripts: sanitize host charset and shell escape characters

Since certain characters are dangerous to pass as-is to a sub shell,
sanitize the character set and only allow characters that are considered
valid for DNS hosts and filter shell escape characters on generic parameters.

Disable pathname expansion on RUNPROG evals to disable the shell expanding *,
? and [ in the arguments.

Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
net/ddns-scripts/files/dynamic_dns_functions.sh diff | blob | history
net/ddns-scripts/files/dynamic_dns_updater.sh diff | blob | history
Mirror of packages feed