diff options
author | nachoparker <nacho@ownyourbits.com> | 2017-12-19 15:27:53 +0300 |
---|---|---|
committer | nachoparker <nacho@ownyourbits.com> | 2017-12-19 21:14:17 +0300 |
commit | 66e50d89171647909593636e9d12ecdac964d18f (patch) | |
tree | dbf7b1403d530787c88de95487c2a13f0b70ee08 | |
parent | c0a9997b4e692b2cae9360da3e9762c22bf5a586 (diff) |
ncp-config: validate inputv0.43.1
-rw-r--r-- | changelog.md | 6 | ||||
-rwxr-xr-x | etc/library.sh | 3 |
2 files changed, 7 insertions, 2 deletions
diff --git a/changelog.md b/changelog.md index f6e7a042..fb053a9e 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,9 @@ -[v0.42.0](https://github.com/nextcloud/nextcloudpi/commit/9e11b7f) (2017-12-18) added UFW +[v0.43.1](https://github.com/nextcloud/nextcloudpi/commit/c3205f9) (2017-12-19) ncp-config: validate input + +[v0.43.0 ](https://github.com/nextcloud/nextcloudpi/commit/9eeb221) (2017-12-18) added nc-audit + +[v0.42.0 ](https://github.com/nextcloud/nextcloudpi/commit/aaac71f) (2017-12-18) added UFW [v0.41.13](https://github.com/nextcloud/nextcloudpi/commit/d5e90a6) (2017-12-17) security hardening part 3 diff --git a/etc/library.sh b/etc/library.sh index 31636d28..7329f8af 100755 --- a/etc/library.sh +++ b/etc/library.sh @@ -49,8 +49,9 @@ function config() $DIALOG_OK) local RET=( $value ) for i in $( seq 0 1 $(( ${#RET[@]} - 1 )) ); do + # check for invalid characters + grep -q "[&]" <<< "${RET[$i]}" && { echo "Invalid characters in field ${VARS[$i]}"; return 1; } local SEDRULE+="s|^${VARS[$i]}_=.*|${VARS[$i]}_=${RET[$i]}|;" - local CONFIG+="${VARS[$i]}=${RET[$i]}\n" done break ;; |