fixed security bugs with unescaped input to the shell

author: Chris St. Pierre <chris.a.st.pierre@gmail.com> 2011-08-05 08:24:22 -0400
committer: Chris St. Pierre <chris.a.st.pierre@gmail.com> 2011-08-05 08:24:22 -0400
commit: f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7 (patch)
tree: 9c2a8c8daf8250c0aca46761381fe53488c3f839 /src/lib/Server/Admin
parent: ed85e40bcbce07cc5e2d67b985e48c836d0a9079 (diff)
download: bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.tar.gz
bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.tar.bz2
bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.zip
1 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/Server/Admin/Viz.py b/src/lib/Server/Admin/Viz.py
index 3ab54e543..9b1e78821 100644
--- a/src/lib/Server/Admin/Viz.py
+++ b/src/lib/Server/Admin/Viz.py
@@ -86,11 +86,10 @@ class Viz(Bcfg2.Server.Admin.MetadataCore):
         else:
             format = 'png'
 
-        cmd = "dot -T%s" % (format)
+        cmd = ["dot", "-T", format]
         if output:
-            cmd += " -o %s" % output
-        dotpipe = Popen(cmd, shell=True, stdin=PIPE,
-                        stdout=PIPE, close_fds=True)
+            cmd.extend(["-o", output])
+        dotpipe = Popen(cmd, stdin=PIPE, stdout=PIPE, close_fds=True)
         try:
             dotpipe.stdin.write("digraph groups {\n")
         except:
author	Chris St. Pierre <chris.a.st.pierre@gmail.com>	2011-08-05 08:24:22 -0400
committer	Chris St. Pierre <chris.a.st.pierre@gmail.com>	2011-08-05 08:24:22 -0400
commit	f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7 (patch)
tree	9c2a8c8daf8250c0aca46761381fe53488c3f839 /src/lib/Server/Admin
parent	ed85e40bcbce07cc5e2d67b985e48c836d0a9079 (diff)
download	bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.tar.gz bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.tar.bz2 bcfg2-f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7.zip