diff options
author | Hans Dedecker <dedeckeh@gmail.com> | 2016-10-06 09:13:40 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2016-10-06 12:16:12 +0200 |
commit | 34528c4807de017c359d87d0cd3c415cc0ae1893 (patch) | |
tree | 371e209e81973b3dabce089f553d0d79f2803f9b | |
parent | 7694c5cf0edc51e7a9cea188143c6fef2f38f442 (diff) | |
download | upstream-34528c4807de017c359d87d0cd3c415cc0ae1893.tar.gz upstream-34528c4807de017c359d87d0cd3c415cc0ae1893.tar.bz2 upstream-34528c4807de017c359d87d0cd3c415cc0ae1893.zip |
dslite: Quote resolveip hostname argument
Quote resolveip hostname argument to avoid bad shell injections.
While at it fix pattern match logic in case multiple IPv6 addresses
are returned for a hostname as they're seperated by newline by
resolveip and not a white space
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
-rw-r--r-- | package/network/ipv6/ds-lite/Makefile | 2 | ||||
-rwxr-xr-x | package/network/ipv6/ds-lite/files/dslite.sh | 10 |
2 files changed, 8 insertions, 4 deletions
diff --git a/package/network/ipv6/ds-lite/Makefile b/package/network/ipv6/ds-lite/Makefile index 919ac7e74d..58e7156b95 100644 --- a/package/network/ipv6/ds-lite/Makefile +++ b/package/network/ipv6/ds-lite/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ds-lite PKG_VERSION:=7 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-2.0 include $(INCLUDE_DIR)/package.mk diff --git a/package/network/ipv6/ds-lite/files/dslite.sh b/package/network/ipv6/ds-lite/files/dslite.sh index a7e0a10542..2485a424dc 100755 --- a/package/network/ipv6/ds-lite/files/dslite.sh +++ b/package/network/ipv6/ds-lite/files/dslite.sh @@ -26,16 +26,20 @@ proto_dslite_setup() { ( proto_add_host_dependency "$cfg" "::" "$tunlink" ) - remoteip6=$(resolveip -6 $peeraddr) + remoteip6=$(resolveip -6 "$peeraddr") if [ -z "$remoteip6" ]; then sleep 3 - remoteip6=$(resolveip -6 $peeraddr) + remoteip6=$(resolveip -6 "$peeraddr") if [ -z "$remoteip6" ]; then proto_notify_error "$cfg" "AFTR_DNS_FAIL" return fi fi - peeraddr="${remoteip6%% *}" + + for ip6 in $remoteip6; do + peeraddr=$ip6 + break + done [ -z "$ip6addr" ] && { local wanif="$tunlink" |