Skip to content
Permalink
Browse files Browse the repository at this point in the history
Correct RRD backup/restore cmd file handling. Fixes #13935
  • Loading branch information
jim-p committed Feb 6, 2023
1 parent 053f60e commit ca80d18
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions src/etc/inc/config.lib.inc
Expand Up @@ -280,22 +280,22 @@ function restore_rrddata($conf = false) {

foreach ($conf['rrddata']['rrddatafile'] as $rrd) {
if ($rrd['xmldata']) {
$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
$rrd_file = "{$g['vardb_path']}/rrd/" . basename($rrd['filename']);
$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
if (file_put_contents($xml_file, gzinflate(base64_decode($rrd['xmldata']))) === false) {
log_error(sprintf(gettext("Cannot write %s"), $xml_file));
continue;
}
$output = array();
$status = null;
exec("$rrdtool restore -f '{$xml_file}' '{$rrd_file}'", $output, $status);
exec("{$rrdtool} restore -f " . escapeshellarg($xml_file) . ' ' . escapeshellarg($rrd_file), $output, $status);
if ($status) {
log_error("rrdtool restore -f '{$xml_file}' '{$rrd_file}' failed returning {$status}.");
continue;
}
unlink($xml_file);
} else if ($rrd['data']) {
$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
$rrd_file = "{$g['vardb_path']}/rrd/" . basename($rrd['filename']);
$rrd_fd = fopen($rrd_file, "w");
if (!$rrd_fd) {
log_error(sprintf(gettext("Cannot write %s"), $rrd_file));
Expand Down
2 changes: 1 addition & 1 deletion src/usr/local/pfSense/include/www/backup.inc
Expand Up @@ -51,7 +51,7 @@ function rrd_data_xml() {
foreach ($rrd_files as $rrd_file) {
$basename = basename($rrd_file);
$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
exec("$rrdtool dump '{$rrd_file}' '{$xml_file}'");
exec("{$rrdtool} dump " . escapeshellarg($rrd_file) . ' ' . escapeshellarg($xml_file));
$xml_data = file_get_contents($xml_file);
unlink($xml_file);
if ($xml_data !== false) {
Expand Down

0 comments on commit ca80d18

Please sign in to comment.