Date: Tue, 09 Jun 2026 16:04:31 +0000 From: Baptiste Daroussin <bapt@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 09d068e52722 - main - nuageinit: fix shell injection in power_state_change delay and add test Message-ID: <6a28398f.22d21.5d3e5e7e@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=09d068e52722dee0ed65eb88c5ea5bff4bb2ba06 commit 09d068e52722dee0ed65eb88c5ea5bff4bb2ba06 Author: Baptiste Daroussin <bapt@FreeBSD.org> AuthorDate: 2026-06-09 14:19:56 +0000 Commit: Baptiste Daroussin <bapt@FreeBSD.org> CommitDate: 2026-06-09 16:04:25 +0000 nuageinit: fix shell injection in power_state_change delay and add test --- libexec/nuageinit/nuageinit | 2 +- libexec/nuageinit/tests/nuageinit.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit index 6e900e01df4e..8ca1a2c558c8 100755 --- a/libexec/nuageinit/nuageinit +++ b/libexec/nuageinit/nuageinit @@ -748,7 +748,7 @@ local function power_state_change(obj) end -- Build shutdown command - local cmd = "shutdown -" .. flag .. " " .. delay + local cmd = "shutdown -" .. flag .. " " .. nuage.shell_escape(delay) if message then cmd = cmd .. " " .. nuage.shell_escape(message) end diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh index ce574a350ecc..ab9e697076e1 100644 --- a/libexec/nuageinit/tests/nuageinit.sh +++ b/libexec/nuageinit/tests/nuageinit.sh @@ -1332,7 +1332,7 @@ power_state: timeout: 30 condition: true EOF - atf_check -o inline:"shutdown -r +5 'Rebooting after configuration is complete'\n" \ + atf_check -o inline:"shutdown -r '+5' 'Rebooting after configuration is complete'\n" \ /usr/libexec/nuageinit "${PWD}"/media/nuageinit postnet true }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a28398f.22d21.5d3e5e7e>