tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-23 22:04:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Allow forward slash in SafeInput check

Browse Source
This commit is contained in:
Michael Boelen 2024-12-18 17:53:09 +00:00
parent f08cde63d6
commit f2ac59a130
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/functions
View File

@ -3052,12 +3052,12 @@
SafeInput() { SafeInput() {
exitcode=1 exitcode=1
# By default remove only special or undefined characters # Test against the string with a generic test set
if [ $# -eq 1 ]; then if [ $# -eq 1 ]; then
input="$1" input="$1"
# Allow only a common set of characters in first parameter # Only allow common set of characters: a-z, A-Z, 0-9, /._-:=
cleaned=$(echo "$input" | sed 's/[^a-zA-Z0-9\._:=-]//g') cleaned=$(echo "$input" | sed 's/[^a-zA-Z0-9\/\._:=-]//g')
# If know what to test against, then see if input matches the specified class # If two parameters are specified, then test input against specified class
elif [ $# -eq 2 ]; then elif [ $# -eq 2 ]; then
input="$1" input="$1"
testchars="$2" testchars="$2"