fixing shell code execution vulnerabilities

Improve escapeSpecialCharacters to prevent arbitrary code execution
nots1dd · Jul 8, 2024 · 3277d17 · 3277d17
2 parents fb555c6 + 163d091
commit 3277d17
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/headers/src/lmus_cache.cpp b/headers/src/lmus_cache.cpp
@@ -67,10 +67,11 @@ string getFileNameFromInode(const string& inode) {
 string escapeSpecialCharacters(const string& fileName) {
     string escapedFileName;
     for (char c : fileName) {
-        if (c == '$' || c == '#') {
-            escapedFileName += '\\'; // Add a backslash before special characters
-        }
-        escapedFileName += c;
+        if (c == '\'') {
+            escapedFileName += "'\"'\"'"; // Add a backslash before special characters
+        } else {
+			escapedFileName += c;
+		}
     }
     return escapedFileName;
 }
@@ -82,7 +83,7 @@ void storeMetadataJSON(const string& inode, const string& fileName, json& artist
     string escapedFileName = escapeSpecialCharacters(fileName);
 
     // Construct the ffprobe command with the escaped filename
-    string metadataCmd = "ffprobe -v quiet -print_format json -show_format \"" + escapedFileName + "\"";
+    string metadataCmd = "ffprobe -v quiet -print_format json -show_format '" + escapedFileName + "'";
     string metadataInfo = executeCommand(metadataCmd);
 
     auto metadata = json::parse(metadataInfo);