summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2014-04-19 00:45:45 +0200
committerBenny Baumann <BenBE@geshi.org>2014-04-19 00:45:45 +0200
commit1ea66e9941de9ba571534a172a5f3810083b41e3 (patch)
treee286883ce9b0f9e37055a714220f19bd9afdf48a /scripts
parentec1b6811761f7064c09f66b8ab37810b5737fe33 (diff)
parent066a02232fca9338c990a00bb696a6a51f2fd542 (diff)
downloadcacert-devel-1ea66e9941de9ba571534a172a5f3810083b41e3.tar.gz
cacert-devel-1ea66e9941de9ba571534a172a5f3810083b41e3.tar.xz
cacert-devel-1ea66e9941de9ba571534a172a5f3810083b41e3.zip
Merge branch 'bug-1272' into testserver-stable
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/cron/warning.php3
-rwxr-xr-xscripts/scanforexponents.php5
2 files changed, 5 insertions, 3 deletions
diff --git a/scripts/cron/warning.php b/scripts/cron/warning.php
index 0cffc02..3022ffb 100755
--- a/scripts/cron/warning.php
+++ b/scripts/cron/warning.php
@@ -40,7 +40,8 @@
{
$row['crt_name'] = str_replace("../", "www/", $row['crt_name']);
$row['crt_name'] = "/home/cacert/".$row['crt_name'];
- $subject = `openssl x509 -in '$row[crt_name]' -text -noout|grep Subject:`;
+ $crt_name = escapeshellarg($row['crt_name']);
+ $subject = `openssl x509 -in $crt_name -text -noout|grep Subject:`;
$bits = explode("/", $subject);
foreach($bits as $val)
{
diff --git a/scripts/scanforexponents.php b/scripts/scanforexponents.php
index 7136723..388fe1e 100755
--- a/scripts/scanforexponents.php
+++ b/scripts/scanforexponents.php
@@ -29,10 +29,11 @@
if(!is_file($file))
continue;
+ $file_esc = escapeshellarg($file);
if(substr($file, -3) == "der")
- $do = trim(`openssl x509 -inform der -in $file -text -noout 2>&1 |grep 'Exponent'`);
+ $do = trim(`openssl x509 -inform der -in $file_esc -text -noout 2>&1 |grep 'Exponent'`);
else
- $do = trim(`openssl x509 -in $file -text -noout 2>&1 |grep 'Exponent'`);
+ $do = trim(`openssl x509 -in $file_esc -text -noout 2>&1 |grep 'Exponent'`);
if($do == "")
continue;