Permalink
Browse files

Security. Use escapeshellarg for option values.

  • Loading branch information...
1 parent d974e54 commit ef1f7eb3e30d27cbe7b605d76e0d9d61e46eb6e5 @GromNaN GromNaN committed Jul 9, 2011
Showing with 2 additions and 2 deletions.
  1. +2 −2 src/Knp/Snappy/Media.php
View
@@ -268,10 +268,10 @@ private function buildCommand($binary, $input, $output, array $options)
$command .= " --".$key;
} elseif (is_array($value)) {
foreach ($value as $v) {
- $command .= " --".$key." ".$v;
+ $command .= " --".$key." ".escapeshellarg($v);
}
} else {
- $command .= " --".$key." ".$value;
+ $command .= " --".$key." ".escapeshellarg($value);
}
}
}

0 comments on commit ef1f7eb

Please sign in to comment.