Skip to content

Commit

Permalink
Escape MaxMind database file wget command
Browse files Browse the repository at this point in the history
  • Loading branch information
@endelwar
endelwar committed Jan 24, 2024
1 parent 27cb35c commit 2ff5e1e
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 3 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
- Validate on new exim id format (#1294)
- Permit + and = chars in email for sendmail (#1291)
- Fix Message Listing on Mysql 8+ (#1295)
- Fix MaxMind database download when curl extension is not available (#1297)

## 1.2.21
### Improvements
Expand Down
6 changes: 4 additions & 2 deletions mailscanner/geoip_update.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,11 +137,13 @@
}
}

exec(
'wget ' . $proxyString . ' -N ' . $files_base_url . $file['path'] . ' -O ' . $file['destination'],
$command = escapeshellcmd('wget ' . $proxyString . ' -N ' . $files_base_url . $file['path'] . ' -O ' . $file['destination']);
$result = exec(
$command,
$output_wget,
$retval_wget
);

if ($retval_wget > 0) {
echo __('downbad15') . ' ' . $file['description'] . "<br>\n";
} else {
Expand Down
3 changes: 2 additions & 1 deletion tools/Cron_jobs/mailwatch_geoip_update.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,8 +133,9 @@
}
}

$command = escapeshellcmd('wget ' . $proxyString . ' -N ' . $files_base_url . $file['path'] . ' -O ' . $file['destination']);
exec(
'wget ' . $proxyString . ' -N ' . $files_base_url . $file['path'] . ' -O ' . $file['destination'],
$command,
$output_wget,
$retval_wget
);
Expand Down

0 comments on commit 2ff5e1e

Please sign in to comment.