From 72e576e5290d77c0850c5a54bc1f23bbc150c63c Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Mon, 30 Mar 2015 21:51:57 +0200
Subject: Disallow semicolons in passed commands

---
 apps/files_external/3rdparty/smb4php/smb.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/apps/files_external/3rdparty/smb4php/smb.php b/apps/files_external/3rdparty/smb4php/smb.php
index e325506fa14..7ffdb42e134 100644
--- a/apps/files_external/3rdparty/smb4php/smb.php
+++ b/apps/files_external/3rdparty/smb4php/smb.php
@@ -112,6 +112,11 @@ class smb {
 
 
 	function execute ($command, $purl, $regexp = NULL) {
+		if (strpos($command,';') !== false) {
+			trigger_error('Semicolon not supported in commands');
+			exit();
+		}
+
 		return smb::client ('-d 0 '
 				. escapeshellarg ('//' . $purl['host'] . '/' . $purl['share'])
 				. ' -c ' . escapeshellarg ($command), $purl, $regexp
-- 
cgit v1.2.3