bug-1280: Variable naming, formatting, php-syntax-error
[cacert-devel.git] / scripts / scanforexponents.php
index 7136723..388fe1e 100755 (executable)
                if(!is_file($file))
                        continue;
 
+               $file_esc = escapeshellarg($file);
                if(substr($file, -3) == "der")
-                       $do = trim(`openssl x509 -inform der -in $file -text -noout 2>&1 |grep 'Exponent'`);
+                       $do = trim(`openssl x509 -inform der -in $file_esc -text -noout 2>&1 |grep 'Exponent'`);
                else
-                       $do = trim(`openssl x509 -in $file -text -noout 2>&1 |grep 'Exponent'`);
+                       $do = trim(`openssl x509 -in $file_esc -text -noout 2>&1 |grep 'Exponent'`);
 
                if($do == "")
                        continue;