Commit 6f69a17a authored by Duncan White's avatar Duncan White

added VERY important sanitisation, phew:-)

parent dd69bcf5
...@@ -116,10 +116,16 @@ sub converse () ...@@ -116,10 +116,16 @@ sub converse ()
unless( $args ) unless( $args )
{ {
$log->warn( "converse: eof from client" ); $log->warn( "converse: eof from client" );
print "client: gimme some args:-)\n"; print "gimme a line of args:-)\n";
return; return;
} }
chomp $args; chomp $args;
unless( $args =~ /^(\w-\s)+$/ )
{
$log->warn( "converse: dangerous args <<$args>> from client" );
print "dangerous args <<$args>>, get stuffed:-)\n";
return;
}
system( "$command $args" ); system( "$command $args" );
} }
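Review bot: The pattern in the added `unless( $args =~ /^(\w-\s)+$/ )` is a sequence, not a character class: it accepts only repetitions of one word character, a literal hyphen and one whitespace character, so ordinary argument lines such as `-l foo` are rejected and the intended allow-list is not what is enforced. A bracketed class anchored at both ends says what was meant: `unless( $args =~ /\A[\w\s-]+\z/ )`. The unchanged `system( "$command $args" )` still hands a single string to Perl's one-argument form, which may go through the shell, so this regex is the only barrier; `system( $command, split ' ', $args );` removes that dependence, assuming `$command` is a single program name (it is set outside this hunk). Even with the corrected class, arguments starting with `-` reach the command as options, so whether the allow-list is sufficient depends on what `$command` runs. The body of converse() begins before the hunk.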
......