From f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7 Mon Sep 17 00:00:00 2001
From: "Chris St. Pierre"
Date: Fri, 5 Aug 2011 08:24:22 -0400
Subject: fixed security bugs with unescaped input to the shell
---
 src/lib/Server/Plugins/Svn.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/lib/Server/Plugins/Svn.py')
diff --git a/src/lib/Server/Plugins/Svn.py b/src/lib/Server/Plugins/Svn.py
index cb4ab649b..a127d0273 100644
--- a/src/lib/Server/Plugins/Svn.py
+++ b/src/lib/Server/Plugins/Svn.py
@@ -35,7 +35,7 @@ class Svn(Bcfg2.Server.Plugin.Plugin,
 """Read svn revision information for the Bcfg2 repository."""
 try:
 data = Popen(("env LC_ALL=C svn info %s" %
- (self.datastore)), shell=True,
+ pipes.quote(self.datastore)), shell=True,
 stdout=PIPE).communicate()[0].split('\n')
 return [line.split(': ')[1] for line in data \
 if line[:9] == 'Revision:'][-1]
--
cgit v1.2.3-1-g7c22
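Review bot: The added `pipes.quote(self.datastore)` line still builds a command string for `shell=True`, so the fix relies on quoting being applied correctly rather than taking the shell out of the path; passing an argument list, e.g. `Popen(["env", "LC_ALL=C", "svn", "info", self.datastore], stdout=PIPE)`, avoids shell parsing entirely and needs no quoting. The diffstat shows a single changed line in this file, so no `import pipes` is added here; unless the module already imports it (the top of the file is outside the hunk), this call raises NameError, and the enclosing `try:`, whose handler is not visible, could mask that as a failed revision lookup. The method begins and ends outside the hunk.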