From 9631f83b6fee75ea6c6981ca7a591fc45666baa3 Mon Sep 17 00:00:00 2001 From: Nikolay Bachiyski Date: Wed, 30 Mar 2016 14:05:24 +0000 Subject: [PATCH] Snoopy: use escapeshellarg instead of escapeshellcmd We are escaping arguments, not commands, so we'd better use the semantically correct function, even though they are similar. Built from https://develop.svn.wordpress.org/branches/4.3@37096 git-svn-id: http://core.svn.wordpress.org/branches/4.3@37063 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/class-snoopy.php | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/wp-includes/class-snoopy.php b/wp-includes/class-snoopy.php index 2c59c48112..5c3034f69e 100644 --- a/wp-includes/class-snoopy.php +++ b/wp-includes/class-snoopy.php @@ -999,20 +999,23 @@ class Snoopy if(!empty($this->user) || !empty($this->pass)) $headers[] = "Authorization: BASIC ".base64_encode($this->user.":".$this->pass); - for($curr_header = 0; $curr_header < count($headers); $curr_header++) { - $safer_header = strtr( $headers[$curr_header], "\"", " " ); - $cmdline_params .= " -H \"".$safer_header."\""; + $headerfile = tempnam( $this->temp_dir, "sno" ); + $cmdline_params = '-k -D ' . escapeshellarg( $headerfile ); + + foreach ( $headers as $header ) { + $cmdline_params .= ' -H ' . escapeshellarg( $header ); } - if(!empty($body)) - $cmdline_params .= " -d \"$body\""; + if ( ! empty( $body ) ) { + $cmdline_params .= ' -d ' . escapeshellarg( $body ); + } - if($this->read_timeout > 0) - $cmdline_params .= " -m ".$this->read_timeout; + if ( $this->read_timeout > 0 ) { + $cmdline_params .= ' -m ' . escapeshellarg( $this->read_timeout ); + } - $headerfile = tempnam($this->temp_dir, "sno"); - exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return); + exec( $this->curl_path . ' ' . $cmdline_params . ' ' . escapeshellarg( $URI ), $results, $return ); if($return) {