tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow forward slash in SafeInput check

This commit is contained in:
Michael Boelen 2024-12-18 17:53:09 +00:00
parent f08cde63d6
commit f2ac59a130
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/functions
View File

@ -3052,12 +3052,12 @@
SafeInput() {
exitcode=1
# By default remove only special or undefined characters
# Test against the string with a generic test set
if [ $# -eq 1 ]; then
input="$1"
# Allow only a common set of characters in first parameter
cleaned=$(echo "$input" | sed 's/[^a-zA-Z0-9\._:=-]//g')
# If know what to test against, then see if input matches the specified class
# Only allow common set of characters: a-z, A-Z, 0-9, /._-:=
cleaned=$(echo "$input" | sed 's/[^a-zA-Z0-9\/\._:=-]//g')
# If two parameters are specified, then test input against specified class
elif [ $# -eq 2 ]; then
input="$1"
testchars="$2"