Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/robin/gh-54-sanitize'

Browse source 
* origin/topic/robin/gh-54-sanitize:
  Sanitize log files names before they go into system().
This commit is contained in:
Tim Wojtulewicz 2021-09-21 15:16:49 -07:00
parent a49dcc8954
commit 0a0ed65306
8 changed files with 52 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
scripts/base/frameworks/notice/main.zeek
View file

@ -384,12 +384,13 @@ function log_mailing_postprocessor(info: Log::RotationInfo): bool
{
local headers = email_headers(fmt("Log Contents: %s", info$fname),
mail_dest);
local tmpfilename = fmt("%s.mailheaders.tmp", info$fname);
local tmpfilename = safe_shell_quote(fmt("%s.mailheaders.tmp", info$fname));
local tmpfile = open(tmpfilename);
write_file(tmpfile, headers);
close(tmpfile);
system(fmt("/bin/cat %s %s | %s -t -oi && /bin/rm %s %s",
tmpfilename, info$fname, sendmail, tmpfilename, info$fname));
tmpfilename, safe_shell_quote(info$fname), sendmail,
tmpfilename, safe_shell_quote(info$fname)));
}
return T;
}