Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: vulnerable to command injection
  • Loading branch information
taoyuan committed Dec 14, 2020
1 parent a3ffac9 commit fcbc36f
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions lib/tesseract.js
Expand Up @@ -36,6 +36,10 @@ const Tesseract = {
outputEncoding: 'UTF-8',

command: function (image, options) {
if (image.startsWith('"')) {
image = '"' + image + '"';
}

// assemble tesseract command
const command = [options.binary, image, options.output];

Expand Down
2 changes: 1 addition & 1 deletion package.json
Expand Up @@ -30,6 +30,6 @@
},
"license": "MIT",
"engine": {
"node": ">=0.6"
"node": ">=8.0"
}
}

0 comments on commit fcbc36f

Please sign in to comment.