diff options
| author | Benny Baumann <BenBE@geshi.org> | 2014-04-19 00:45:25 +0200 |
|---|---|---|
| committer | Benny Baumann <BenBE@geshi.org> | 2014-04-19 00:45:25 +0200 |
| commit | 066a02232fca9338c990a00bb696a6a51f2fd542 (patch) | |
| tree | 51779f8adbabb9a41171aa7ff6c1147ad2da9245 /scripts/scanforexponents.php | |
| parent | 0ea069195e48daced9e92cc919be59a483566c78 (diff) | |
| download | cacert-devel-066a02232fca9338c990a00bb696a6a51f2fd542.tar.gz cacert-devel-066a02232fca9338c990a00bb696a6a51f2fd542.tar.xz cacert-devel-066a02232fca9338c990a00bb696a6a51f2fd542.zip | |
bug 1272: Properly escape the filename passed to OpenSSL
Diffstat (limited to 'scripts/scanforexponents.php')
| -rwxr-xr-x | scripts/scanforexponents.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/scripts/scanforexponents.php b/scripts/scanforexponents.php index 7136723..388fe1e 100755 --- a/scripts/scanforexponents.php +++ b/scripts/scanforexponents.php @@ -29,10 +29,11 @@ if(!is_file($file)) continue; + $file_esc = escapeshellarg($file); if(substr($file, -3) == "der") - $do = trim(`openssl x509 -inform der -in $file -text -noout 2>&1 |grep 'Exponent'`); + $do = trim(`openssl x509 -inform der -in $file_esc -text -noout 2>&1 |grep 'Exponent'`); else - $do = trim(`openssl x509 -in $file -text -noout 2>&1 |grep 'Exponent'`); + $do = trim(`openssl x509 -in $file_esc -text -noout 2>&1 |grep 'Exponent'`); if($do == "") continue; |