Merge pull request #147 from PGYER/dev/master

fix(Command): filter "`" for comamnd (shell inject)
2026-05-07 05:57:30 +08:00 · 2023-03-27 14:42:51 +08:00
parent 5fa1cc8fbb dd1d1f2a8a
commit c38d6e087d
2 changed files with 5 additions and 5 deletions
--- a/application/libraries/service/Utility/Command.php
+++ b/application/libraries/service/Utility/Command.php
@@ -42,8 +42,8 @@ class Command
        // return '"' . $argument . '"';

        $pattern = [
-            '/(^|[^\\\\])((\\\\\\\\)*[\s\'\"\$\|])/',
-            '/(^|[^\\\\])((\\\\\\\\)*\\\\([^\s\'\"\|\$\\\\]|$))/'
+            '/(^|[^\\\\])((\\\\\\\\)*[\s\`\'\"\$\|])/',
+            '/(^|[^\\\\])((\\\\\\\\)*\\\\([^\s\`\'\"\|\$\\\\]|$))/'
        ];
        $replacement = [
            '$1\\\\$2',
--- a/application/models/repository_model.php
+++ b/application/models/repository_model.php
@@ -1466,14 +1466,14 @@ class Repository_model extends CI_Model
            return FALSE;
        }

+        $branch = Command::wrapArgument($branch);
+        $filePath = Command::wrapArgument($filePath);
+
        $command = GitCommand::getLastLog($branch, $filePath, $lastSha);
        if (!$command) {
            return FALSE;
        }

-        $branch = Command::wrapArgument($branch);
-        $filePath = Command::wrapArgument($filePath);
-
        $log = $this->execCommand($rKey, $uKey, GIT_COMMAND_QUERY, $command);
        $log = rtrim($log, Helper::getDelimiter() . "\n");
        $log = $this->_logStringToArray($log);