iliaa Tue Aug 5 16:15:53 2003 EDT
Modified files:
/php-src/ext/standard exec.c
Log:
Fixed bug #18291 (escapeshellcmd() can now handle quoted arguments).
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.100 php-src/ext/standard/exec.c:1.101
--- php-src/ext/standard/exec.c:1.100 Tue Jun 10 16:03:37 2003
+++ php-src/ext/standard/exec.c Tue Aug 5 16:15:53 2003
@@ -16,7 +16,7 @@
| Ilia Alshanetsky <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: exec.c,v 1.100 2003/06/10 20:03:37 imajes Exp $ */
+/* $Id: exec.c,v 1.101 2003/08/05 20:15:53 iliaa Exp $ */
#include <stdio.h>
#include "php.h"
@@ -260,18 +260,28 @@
char *php_escape_shell_cmd(char *str) {
register int x, y, l;
char *cmd;
+ char *p = NULL;
l = strlen(str);
cmd = emalloc(2 * l + 1);
for (x = 0, y = 0; x < l; x++) {
switch (str[x]) {
+ case '"':
+ case '\'':
+ if (!p && (p = memchr(str + x + 1, str[x], l - x -
1))) {
+ /* noop */
+ } else if (p && *p == str[x]) {
+ p = NULL;
+ } else {
+ cmd[y++] = '\\';
+ }
+ cmd[y++] = str[x];
+ break;
case '#': /* This is character-set independent */
case '&':
case ';':
case '`':
- case '\'':
- case '"':
case '|':
case '*':
case '?':
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
