From cfaea214306f38f958bc3589e60adcf591f64e21 Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Sun, 30 Jun 2019 19:29:48 +0200
Subject: [PATCH] Security: test all parameters and arguments for the presence
 of control characters

---
 include/parameters | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/include/parameters b/include/parameters
index 53eeecb3..c0048f72 100644
--- a/include/parameters
+++ b/include/parameters
@@ -22,8 +22,21 @@
 #
 #################################################################################
 #
-    # Check number of parameters submitted (at least one is needed)
     PARAMCOUNT=$#
+
+
+    # Input validation on provided parameters and their arguments
+    COUNT=0
+    for I in "$@"; do
+        COUNT=$((COUNT + 1))
+        if ! SafeInput "${I}"; then
+            echo "Execution of ${PROGRAM_NAME} stopped as we found unexpected input or invalid characters in argument ${COUNT}"
+            echo "Do you believe this is in error? Let us know: ${PROGRAM_AUTHOR_CONTACT}"
+            ExitFatal
+        fi
+    done
+
+    # Parse arguments
     while [ $# -ge 1 ]; do
         case $1 in
             # Helpers first