Commit: e024ef1a36b36785955816a1ee95c9c498ad0550 Author: kovacs.ferenc <[email protected]> Wed, 11 Jun 2014 11:57:36 +0200 Parents: cbc4e41a44ae25fe258d02fa9332cfcac17535a6 Branches: master
Link: http://git.php.net/?p=web/master.git;a=commitdiff;h=e024ef1a36b36785955816a1ee95c9c498ad0550 Log: escape the cname for the shell exec Changed paths: M network/status/api.php Diff: diff --git a/network/status/api.php b/network/status/api.php index d385564..0926c0b 100644 --- a/network/status/api.php +++ b/network/status/api.php @@ -46,7 +46,7 @@ $lang_iso = $conf[5]; $active = $conf[7] == '1' ? 'active' : 'inactive'; // The mirror's actual CNAME, IP info, and network stats -$cname = $row['cname']; +$cname = escapeshellarg($row['cname']); $ip_info = str_replace(PHP_EOL,'; ',trim(`host $cname | grep -i address`)); $ping_stats = nl2br(trim(`ping -c1 -i1 -w1 $cname | grep -v PING | grep -v "ping statistics"`)); $ip_addr = gethostbyname($_GET['host']); -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
