Sanitize shell input

This commit is contained in:
Elara 2021-05-05 14:00:44 -07:00
parent 98dcb1532e
commit 663a4e8920
3 changed files with 5 additions and 1 deletions

1
go.mod
View File

@ -3,6 +3,7 @@ module pak
go 1.15
require (
github.com/alessio/shellescape v1.4.1
github.com/pelletier/go-toml v1.8.2-0.20201124181426-2e01f733df54
github.com/rs/zerolog v1.20.0
github.com/spf13/pflag v1.0.5

2
go.sum
View File

@ -1,3 +1,5 @@
github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0=
github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30=
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

View File

@ -20,6 +20,7 @@ package main
import (
"fmt"
"github.com/alessio/shellescape"
"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
flag "github.com/spf13/pflag"
@ -155,7 +156,7 @@ func main() {
cmdArr = append(cmdArr, strings.Join(args[1:], " "))
}
// Create space separated string from cmdArr
cmdStr := strings.Join(cmdArr, " ")
cmdStr := shellescape.QuoteCommand(cmdArr)
// Instantiate exec.Command object with command sh, flag -c, and cmdStr
command := exec.Command("sh", "-c", cmdStr)
// Set standard outputs for command