diff options
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/cron/warning.php | 3 | ||||
-rwxr-xr-x | scripts/scanforexponents.php | 5 |
2 files changed, 5 insertions, 3 deletions
diff --git a/scripts/cron/warning.php b/scripts/cron/warning.php index 0c97ba2..8f607cd 100755 --- a/scripts/cron/warning.php +++ b/scripts/cron/warning.php @@ -38,7 +38,8 @@ { $row['crt_name'] = str_replace("../", "www/", $row['crt_name']); $row['crt_name'] = "/home/cacert/".$row['crt_name']; - $subject = `openssl x509 -in '$row[crt_name]' -text -noout|grep Subject:`; + $crt_name = escapeshellarg($row['crt_name']); + $subject = `openssl x509 -in $crt_name -text -noout|grep Subject:`; $bits = explode("/", $subject); foreach($bits as $val) { diff --git a/scripts/scanforexponents.php b/scripts/scanforexponents.php index 7136723..388fe1e 100755 --- a/scripts/scanforexponents.php +++ b/scripts/scanforexponents.php @@ -29,10 +29,11 @@ if(!is_file($file)) continue; + $file_esc = escapeshellarg($file); if(substr($file, -3) == "der") - $do = trim(`openssl x509 -inform der -in $file -text -noout 2>&1 |grep 'Exponent'`); + $do = trim(`openssl x509 -inform der -in $file_esc -text -noout 2>&1 |grep 'Exponent'`); else - $do = trim(`openssl x509 -in $file -text -noout 2>&1 |grep 'Exponent'`); + $do = trim(`openssl x509 -in $file_esc -text -noout 2>&1 |grep 'Exponent'`); if($do == "") continue; |