
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2019-08-20 15:17:05 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2019-08-20 15:17:05 +0300
commite7d6aaa44dd8189cab5d0d001c93864b1ecb0005 (patch)
treea752c1f8ee010622462f0a65617d1a8af9114dd6 /include/profiles
parentf51f19f621e5f5ff1337a4cd039ce7e9de60a67b (diff)
Stop execution if unexpected characters were found. Also move hyphen to the end of the list, otherwise it may not work as a matching character
Diffstat (limited to 'include/profiles')
-rw-r--r--include/profiles9
1 files changed, 5 insertions, 4 deletions
diff --git a/include/profiles b/include/profiles
index 65e3bcee..26b7b9b1 100644
--- a/include/profiles
+++ b/include/profiles
@@ -45,16 +45,17 @@
sleep 30
fi
- # Security check for unexpected and possibly harmful escape characters
- DATA=$(grep -v '^$\|^ \|^#\|^config:' ${PROFILE} | tr -d '[:alnum:]/\[\]\(\)\-_\|,\.:;= \n\r' | od -An -ta | sed 's/ /!space!/g')
+ # Security check for unexpected and possibly harmful escape characters (hyphen should be listed as first or last character)
+ DATA=$(grep -v '^$\|^ \|^#\|^config:' ${PROFILE} | tr -d '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-' | od -An -ta | sed 's/ /!space!/g')
if ! IsEmpty "${DATA}"; then
DisplayWarning "Your profile '${PROFILE}' contains unexpected characters. See the log file for more information."
- LogText "Found unexpected or possibly harmful characters in the profile. See output below."
+ LogText "Found unexpected or possibly harmful characters in profile '${PROFILE}'. See which characters matched in the output below and compare them with your profile."
for I in "${DATA}"; do
I=$(echo ${I} | sed 's/!space!/ /g')
LogText "Output: ${I}"
done
- sleep 30
+ LogText "Suggestion: comment incorrect lines with a '#' and try again. Open a GitHub issue if valid characters are blocked"
+ ExitFatal "unexpected characters in profile. Stopping execution (security measure)"
fi
# Now parse the profile and filter out unwanted characters
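Review bot: The `grep -v '^$\|^ \|^#\|^config:'` filter on the new `DATA=` line still drops every line that begins with a space or with `config:` before `tr` sees it, so those lines can never trigger the new `ExitFatal`. If the parser that follows this hunk reads such lines, the filter should skip only blank and comment lines, for example `grep -v '^$\|^#'`, since spaces, colons and alphanumerics are already in the allowed set. `${PROFILE}` is also unquoted on that line, so a path containing whitespace is split and grep reads the wrong files, which would leave `DATA` empty and let the check pass; `"${PROFILE}"` avoids that. The enclosing code starts and continues outside the hunk, so whether the skipped lines are consumed later needs confirming there.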