[X2Go-Commits] [live-build-x2go] 129/160: added filters and quotes for some additional security, added missing escapes

git-admin at x2go.org git-admin at x2go.org
Sat Nov 18 01:55:51 CET 2017


This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch feature/openbox
in repository live-build-x2go.

commit e23cac061757302ad412284a865a42ff0be36e21
Author: Stefan Baur <kontakt at baur-itcs.de>
Date:   Wed Oct 25 23:43:03 2017 +0200

    added filters and quotes for some additional security, added missing escapes
---
 .../lib/live/config/2100-show-sysconf                |  2 +-
 .../lib/live/config/2250-getsshpubkeysfromserver     | 11 ++++++-----
 .../lib/live/config/2300-xserver-xorg-getxorgconf    | 11 ++++++-----
 .../lib/live/config/2400-live-autoupdate             | 20 ++++++++++++--------
 config/includes.chroot/lib/live/config/2600-tcpprint |  3 ++-
 .../lib/live/config/2700-x2go-getsessions            | 11 ++++++-----
 .../lib/live/config/2710-x2go-getbranding            |  7 ++++---
 .../includes.chroot/lib/live/config/2720-x2go-getbg  | 11 ++++++-----
 .../lib/live/config/2900-x2go-thinclientconfig       | 17 +++++++++++------
 9 files changed, 54 insertions(+), 39 deletions(-)

diff --git a/config/includes.chroot/lib/live/config/2100-show-sysconf b/config/includes.chroot/lib/live/config/2100-show-sysconf
index 50cb56d..7e7309a 100755
--- a/config/includes.chroot/lib/live/config/2100-show-sysconf
+++ b/config/includes.chroot/lib/live/config/2100-show-sysconf
@@ -20,7 +20,7 @@ fi
 
 (
 	if grep -q findiso /proc/cmdline ; then
-		BOOTEDENV=\$(basename \$(dirname \$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F'=' ' \$1 == "findiso" { print \$2 }')))
+		BOOTEDENV=\$(basename \$(dirname \$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F'=' ' \$1 == "findiso" { print \$2 }' | tr -dc 'a-zA-Z0-9. _\-')))
 	fi
 	if [ -d /lib/live/mount/rootfs/filesystem.squashfs/lib ] ; then
 		TIMESTAMP=\$(stat -c %Y /lib/live/mount/rootfs/filesystem.squashfs/lib)
diff --git a/config/includes.chroot/lib/live/config/2250-getsshpubkeysfromserver b/config/includes.chroot/lib/live/config/2250-getsshpubkeysfromserver
index 76152fa..e6cac51 100755
--- a/config/includes.chroot/lib/live/config/2250-getsshpubkeysfromserver
+++ b/config/includes.chroot/lib/live/config/2250-getsshpubkeysfromserver
@@ -10,7 +10,8 @@ GetSSHPubKeysFromServer ()
 
 	PUBKEYURL=$(cat /proc/cmdline | \
 		    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-		    awk -F'=' ' /^pubkey=/ { print $2 }')
+		    awk -F'=' ' /^pubkey=/ { print $2 }' |\
+		    tr -dc 'a-zA-Z0-9.:/?%_\-')
 
 	if [ -n "$PUBKEYURL" ] ; then
 		cat >/etc/network/if-up.d/0200-getsshpubkeysfromserver <<GETPUBKEY
@@ -40,16 +41,16 @@ fi
 
 	echo -en "\n\$(date +'%F | %T | ')'\$0': Attempting SSH public keyfile download ..." | tee -a /dev/tty8
 	if echo "$PUBKEYURL" | grep -q "^tftp://" ; then
-		PUBKEYSERVER=$(echo "$PUBKEYURL" | sed 's#^tftp://\([^/]*\)/.*$#\1#' )
-		PUBKEYPATH=$(echo "$PUBKEYURL" | sed 's#^tftp://[^/]*/\(.*\)$#\1#' )
+		PUBKEYSERVER=$(echo "$PUBKEYURL" | sed 's#^tftp://\([^/;]*\)/.*$#\1#' )
+		PUBKEYPATH=$(echo "$PUBKEYURL" | sed 's#^tftp://[^/;]*/\([^;]*\)$#\1#' )
 		if [ -n "\$PUBKEYSERVER" ] && [ -n "\$PUBKEYPATH" ] ; then
-			while ! atftp $PUBKEYSERVER -g -r $PUBKEYPATH -l /root/.ssh/authorized_keys ; do
+			while ! atftp "\$PUBKEYSERVER" -g -r "\$PUBKEYPATH" -l /root/.ssh/authorized_keys ; do
 				echo -en "\n\$(date +'%F | %T | ')'\$0': still waiting for download (tftp) ..." | tee -a /dev/tty8
 				sleep 5
 			done
 		fi
 	else
-		while ! wget -q -O - $PUBKEYURL >/root/.ssh/authorized_keys ; do
+		while ! wget -q -O - "$PUBKEYURL" >/root/.ssh/authorized_keys ; do
 			echo -en "\n\$(date +'%F | %T | ')'\$0': still waiting for download (wget) ..." | tee -a /dev/tty8
 			sleep 5
 		done
diff --git a/config/includes.chroot/lib/live/config/2300-xserver-xorg-getxorgconf b/config/includes.chroot/lib/live/config/2300-xserver-xorg-getxorgconf
index 9824e8d..c20e59f 100755
--- a/config/includes.chroot/lib/live/config/2300-xserver-xorg-getxorgconf
+++ b/config/includes.chroot/lib/live/config/2300-xserver-xorg-getxorgconf
@@ -8,7 +8,8 @@ echo -n " xserver-xorg-getxorgconf"
 
         XORGCONFURL=$(cat /proc/cmdline | \
                        sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-                       awk -F'=' ' /^xorgconfurl=/ { print $2 }')
+                       awk -F'=' ' /^xorgconfurl=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.:/?%_\-')
         if [ -n "$XORGCONFURL" ] && [ -d /etc/X11 ] ; then 
 		XORGCONFDESTINATION=/etc/X11/xorg.conf.new
 	        cat >/etc/network/if-up.d/0300-getxorgconf <<GETXORG
@@ -31,16 +32,16 @@ fi
 
 	echo -en "\n\$(date +'%F | %T | ')'\$0': Attempting xorg.conf download ..." | tee -a /dev/tty8
 	if echo "$XORGCONFURL" | grep -q "^tftp://" ; then
-		XORGCONFSERVER=$(echo "$XORGCONFURL" | sed 's#^tftp://\([^/]*\)/.*$#\1#' )
-		XORGCONFPATH=$(echo "$XORGCONFURL" | sed 's#^tftp://[^/]*/\(.*\)$#\1#' )
+		XORGCONFSERVER=$(echo "$XORGCONFURL" | sed 's#^tftp://\([^/;]*\)/.*$#\1#' )
+		XORGCONFPATH=$(echo "$XORGCONFURL" | sed 's#^tftp://[^/;]*/\([^;]*\)$#\1#' )
 		if [ -n "\$XORGCONFSERVER" ] && [ -n "\$XORGCONFPATH" ] ; then
-			while ! atftp \$XORGCONFSERVER -g -r \$XORGCONFPATH -l $XORGCONFDESTINATION ; do
+			while ! atftp "\$XORGCONFSERVER" -g -r "\$XORGCONFPATH" -l $XORGCONFDESTINATION ; do
 				echo -en "\n\$(date +'%F | %T | ')'\$0': still waiting for xorg.conf download (tftp) ..." | tee -a /dev/tty8
 				sleep 5
 			done
 		fi
 	else
-		while ! wget -q -O $XORGCONFDESTINATION $XORGCONFURL ; do
+		while ! wget -q -O $XORGCONFDESTINATION "$XORGCONFURL" ; do
 			echo -en "\n\$(date +'%F | %T | ')'\$0': still waiting for xorg.conf download (wget) ..." | tee -a /dev/tty8
 			sleep 5 
 		done
diff --git a/config/includes.chroot/lib/live/config/2400-live-autoupdate b/config/includes.chroot/lib/live/config/2400-live-autoupdate
index 08649a7..00b05ad 100755
--- a/config/includes.chroot/lib/live/config/2400-live-autoupdate
+++ b/config/includes.chroot/lib/live/config/2400-live-autoupdate
@@ -119,7 +119,7 @@ echo -n " live-autoupdater (backgrounding update task)"
 	unset LC_MESSAGES
 
 	# Define our mountpoint and check if we're capable of auto-updating
-	NTFSROOT=$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '/^ntfs-uuid/ { print $2 }')
+	NTFSROOT=$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '/^ntfs-uuid/ { print $2 }' |  tr -dc 'a-zA-Z0-9_\-')
 	if [ -n "$NTFSROOT" ]; then
 		mkdir -p /lib/live/mount/ntfsroot
 		# This is in case we've been passed an incomplete UUID and/or one with dashes
@@ -150,7 +150,7 @@ echo -n " live-autoupdater (backgrounding update task)"
 			# if we have access to the entire filesystem, use the
 			# directory size as base size for the current image - 
 			# and if the download directory is even bigger, use that size
-			IMGSIZE=$(du -s "/lib/live/mount/findiso/$(dirname $(sed -e 's/^.*findiso/findiso/' -e 's/ .*$//' /proc/cmdline | awk -F '=' '{ print $2 }'))" | awk '{ print $1}')
+			IMGSIZE=$(du -s "/lib/live/mount/findiso/$(dirname $(sed -e 's/^.*findiso/findiso/' -e 's/ .*$//' /proc/cmdline | awk -F '=' '{ print $2 }' | tr -dc 'a-zA-Z0-9./ _\-'))" | awk '{ print $1}')
 			IMGSIZEDOWNLOAD=$(du -s "/lib/live/mount/findiso/boot/X2Go-live-download" | awk '{ print $1}' || echo "0")
 			[ $IMGSIZEDOWNLOAD -gt $IMGSIZE ] && IMGSIZE=$IMGSIZEDOWNLOAD
 		else
@@ -164,7 +164,8 @@ echo -n " live-autoupdater (backgrounding update task)"
 	# determine our booted environment as well as the other available ones
 	RUNNINGSYSTEMFULLPATH=$(dirname $(readlink -m "$MOUNTPOINT/$(cat /proc/cmdline | \
 				sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-				awk -F'=' ' /^findiso=/ { print $2 }')"))
+				awk -F'=' ' /^findiso=/ { print $2 }' | \
+				tr -dc 'a-zA-Z0-9./ _\-')"))
 
 	ALLSYSTEMSROOT=$(dirname $RUNNINGSYSTEMFULLPATH)
 	RUNNINGSYSTEMNAME=$(basename $RUNNINGSYSTEMFULLPATH)
@@ -172,7 +173,8 @@ echo -n " live-autoupdater (backgrounding update task)"
 	# download url pointing to directory with all required files goes here
 	DOWNLOADURL=$(cat /proc/cmdline | \
 		       sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-		       awk -F'=' ' /^updateurl=/ { print $2 }')
+		       awk -F'=' ' /^updateurl=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.:/?%_\-')
 
 	if [ -z "$DOWNLOADURL" ]; then
 		echo -n "\n$(date +'%F | %T | ')'$0': No update URL. Exiting."
@@ -183,7 +185,7 @@ echo -n " live-autoupdater (backgrounding update task)"
 		echo -n "\n$(date +'%F | %T | ')'$0': '/lib/live/mount/findiso' directory not found. Scanning for partitions."
 		LISTOFPARTITIONS=$(grep -H ^0$ /sys/block/*/removable | awk -F '/' '{ print $4 }' | xargs -n 1 -I XXX fdisk -l /dev/XXX 2>/dev/null | awk '$0 ~ /Linux$/ { print $1}')
 		TEMPMOUNT=$(mktemp -d -p /lib/live/mount/)
-		FINDFILE=$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '$1 == "findiso" { print $2 }')
+		FINDFILE=$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '$1 == "findiso" { print $2 }' | tr -dc 'a-zA-Z0-9./ _\-')
 		[ -z "$FINDFILE" ] && exit 0
 		for PARTITION in $LISTOFPARTITIONS ; do
 			mount -oro $PARTITION $TEMPMOUNT
@@ -215,7 +217,8 @@ echo -n " live-autoupdater (backgrounding update task)"
 	#BWLIMITPERCENT=20 # in percent, numeric-only
 	BWLIMITPERCENT=$(cat /proc/cmdline | \
 				sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-				awk -F'=' ' /^bwlimit=/ { print $2 }')
+				awk -F'=' ' /^bwlimit=/ { print $2 }' | \
+				tr -dc '0-9')
 	if [ -z "$BWLIMITPERCENT" ]; then 
 		BWLIMITPERCENT=20
 		echo -n "\n$(date +'%F | %T | ')'$0': Bandwidth limit not set. Defaulting to 20%."
@@ -226,7 +229,8 @@ echo -n " live-autoupdater (backgrounding update task)"
 	#
 	MAXSLEEPTIME=$(cat /proc/cmdline | \
 				sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-				awk -F'=' ' /^updatesleep=/ && $2 ~ /^[0-9]*$/ { print $2 }')
+				awk -F'=' ' /^updatesleep=/ && $2 ~ /^[0-9]*$/ { print $2 }' | \
+				tr -dc '0-9')
 	if [ -z "$MAXSLEEPTIME" ] || [ $MAXSLEEPTIME -lt 240 ] ; then
 		MAXSLEEPTIME=900
 	fi
@@ -313,7 +317,7 @@ echo -n " live-autoupdater (backgrounding update task)"
 		# Attempt to determine available bandwidth & to set BWLIMIT accordingly
 		echo -n "\n$(date +'%F | %T | ')'$0': Attempting to determine available bandwidth for wget.\n"
 		wget -Nr -P /tmp/ -nd \
-			--progress=bar:force $DOWNLOADURL/x2go-tce-initrd.img 2>&1 | \
+			--progress=bar:force "$DOWNLOADURL/x2go-tce-initrd.img" 2>&1 | \
 			tee /tmp/dl.log
 		cp --update "/tmp/x2go-tce-initrd.img" "$TEMPDIR"
 		rm "/tmp/x2go-tce-initrd.img"
diff --git a/config/includes.chroot/lib/live/config/2600-tcpprint b/config/includes.chroot/lib/live/config/2600-tcpprint
index c25747e..b9fa523 100755
--- a/config/includes.chroot/lib/live/config/2600-tcpprint
+++ b/config/includes.chroot/lib/live/config/2600-tcpprint
@@ -11,7 +11,8 @@ if grep -q "\W*tcpprint\W*" /proc/cmdline ; then
 
         TCPPRINTONLYFROM=$(cat /proc/cmdline | \
                        sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-                       awk -F'=' ' /^tcpprintonlyfrom=/ { print $2 }')
+                       awk -F'=' ' /^tcpprintonlyfrom=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.\-')
 	if [ -n "$TCPPRINTONLYFROM" ] ; then
 		TCPPRINTONLYFROM="only_from = $TCPPRINTONLYFROM"
 	fi
diff --git a/config/includes.chroot/lib/live/config/2700-x2go-getsessions b/config/includes.chroot/lib/live/config/2700-x2go-getsessions
index 4488e60..4972b92 100755
--- a/config/includes.chroot/lib/live/config/2700-x2go-getsessions
+++ b/config/includes.chroot/lib/live/config/2700-x2go-getsessions
@@ -8,7 +8,8 @@ X2GoGetSessions ()
 
 	SESSIONSURL=$(cat /proc/cmdline | \
 		       sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-		       awk -F'=' ' /^sessionsurl=/ { print $2 }')
+		       awk -F'=' ' /^sessionsurl=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.:/?%_\-')
 	if [ -n "$SESSIONSURL" ] && [ -d /etc/x2go ] ; then 
 		# only mv this file if SESSIONSURL was set. If not, leave it in place - as
                 # it might have been customized at image creation time
@@ -34,16 +35,16 @@ fi
 
 	echo -en "\n\$(date +'%F | %T | ')'\$0': Attempting session config data download ..." | tee -a /dev/tty8
 	if echo "$SESSIONSURL" | grep -q "^tftp://" ; then
-		SESSIONSSERVER=$(echo "$SESSIONSURL" | sed 's#^tftp://\([^/]*\)/.*$#\1#' )
-		SESSIONSPATH=$(echo "$SESSIONSURL" | sed 's#^tftp://[^/]*/\(.*\)$#\1#' )
+		SESSIONSSERVER=$(echo "$SESSIONSURL" | sed 's#^tftp://\([^/;]*\)/.*$#\1#' )
+		SESSIONSPATH=$(echo "$SESSIONSURL" | sed 's#^tftp://[^/;]*/\([^;]*\)$#\1#' )
 		if [ -n "\$SESSIONSSERVER" ] && [ -n "\$SESSIONSPATH" ] ; then
-			while ! atftp \$SESSIONSSERVER -g -r \$SESSIONSPATH -l $SESSIONSDESTINATION ; do
+			while ! atftp "\$SESSIONSSERVER" -g -r "\$SESSIONSPATH" -l $SESSIONSDESTINATION ; do
 				echo -en "\n\$(date +'%F | %T | ')still waiting for session config data (tftp) ..." | tee -a /dev/tty8
 				sleep 5
 			done
 		fi
 	else
-		while ! wget -q -O $SESSIONSDESTINATION $SESSIONSURL ; do
+		while ! wget -q -O $SESSIONSDESTINATION "$SESSIONSURL" ; do
 			echo -en "\n\$(date +'%F | %T | ')still waiting for session config data (wget) ..." | tee -a /dev/tty8
 			sleep 5 
 		done
diff --git a/config/includes.chroot/lib/live/config/2710-x2go-getbranding b/config/includes.chroot/lib/live/config/2710-x2go-getbranding
index e100b68..e9297e1 100755
--- a/config/includes.chroot/lib/live/config/2710-x2go-getbranding
+++ b/config/includes.chroot/lib/live/config/2710-x2go-getbranding
@@ -9,7 +9,8 @@ X2GoGetBranding ()
 
 	BRANDINGURL=$(cat /proc/cmdline | \
 		       sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-		       awk -F'=' ' /^branding=/ { print $2 }')
+		       awk -F'=' ' /^branding=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.:/?%_\-')
 	BRANDINGDESTINATION=/etc/x2go/branding.svg
 
 	if [ -n "$BRANDINGURL" ] ; then
@@ -36,13 +37,13 @@ fi
 		BRANDINGSERVER=$(echo "$BRANDINGURL" | sed 's#^tftp://\([^/]*\)/.*$#\1#' )
 		BRANDINGPATH=$(echo "$BRANDINGURL" | sed 's#^tftp://[^/]*/\(.*\)$#\1#' )
 		if [ -n "\$BRANDINGSERVER" ] && [ -n "\$BRANDINGPATH" ] ; then
-			while ! atftp \$BRANDINGSERVER -g -r \$BRANDINGPATH -l ${BRANDINGDESTINATION}.tmp ; do
+			while ! atftp "\$BRANDINGSERVER" -g -r "\$BRANDINGPATH" -l ${BRANDINGDESTINATION}.tmp ; do
 				echo -en "\n\$(date +'%F | %T | ')still waiting for branding SVG download (tftp) ..." | tee -a /dev/tty8
 				sleep 5
 			done
 		fi
 	else
-		while ! wget -q -O ${BRANDINGDESTINATION}.tmp $BRANDINGURL ; do
+		while ! wget -q -O ${BRANDINGDESTINATION}.tmp "$BRANDINGURL" ; do
 			echo -en "\n\$(date +'%F | %T | ')still waiting for branding SVG download (wget) ..." | tee -a /dev/tty8
 			sleep 5 
 		done
diff --git a/config/includes.chroot/lib/live/config/2720-x2go-getbg b/config/includes.chroot/lib/live/config/2720-x2go-getbg
index 83b9927..caae25e 100755
--- a/config/includes.chroot/lib/live/config/2720-x2go-getbg
+++ b/config/includes.chroot/lib/live/config/2720-x2go-getbg
@@ -9,7 +9,8 @@ X2GoGetBG ()
 
 	BGURL=$(cat /proc/cmdline | \
 		       sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-		       awk -F'=' ' /^bg=/ { print $2 }')
+		       awk -F'=' ' /^bg=/ { print $2 }' | \
+		       tr -dc 'a-zA-Z0-9.:/?%_\-')
 	BGDESTINATION=/etc/x2go/bg.svg
 
 	if [ -n "$BGURL" ] ; then
@@ -33,16 +34,16 @@ fi
 
 	echo -en "\n\$(date +'%F | %T | ')'\$0': Attempting background SVG download ..." | tee -a /dev/tty8
 	if echo "$BGURL" | grep -q "^tftp://" ; then
-		BGSERVER=$(echo "$BGURL" | sed 's#^tftp://\([^/]*\)/.*$#\1#' )
-		BGPATH=$(echo "$BGURL" | sed 's#^tftp://[^/]*/\(.*\)$#\1#' )
+		BGSERVER=$(echo "$BGURL" | sed 's#^tftp://\([^/;]*\)/.*$#\1#' )
+		BGPATH=$(echo "$BGURL" | sed 's#^tftp://[^/;]*/\([^;]*\)$#\1#' )
 		if [ -n "\$BGSERVER" ] && [ -n "\$BGPATH" ] ; then
-			while ! atftp \$BGSERVER -g -r \$BGPATH -l ${BGDESTINATION}.tmp ; do
+			while ! atftp "\$BGSERVER" -g -r "\$BGPATH" -l ${BGDESTINATION}.tmp ; do
 				echo -en "\n\$(date +'%F | %T | ')still waiting for background SVG download (tftp) ..." | tee -a /dev/tty8
 				sleep 5
 			done
 		fi
 	else
-		while ! wget -q -O ${BGDESTINATION}.tmp $BGURL ; do
+		while ! wget -q -O ${BGDESTINATION}.tmp "$BGURL" ; do
 			echo -en "\n\$(date +'%F | %T | ')still waiting for background SVG download (wget) ..." | tee -a /dev/tty8
 			sleep 5 
 		done
diff --git a/config/includes.chroot/lib/live/config/2900-x2go-thinclientconfig b/config/includes.chroot/lib/live/config/2900-x2go-thinclientconfig
index e588422..72dc7b7 100755
--- a/config/includes.chroot/lib/live/config/2900-x2go-thinclientconfig
+++ b/config/includes.chroot/lib/live/config/2900-x2go-thinclientconfig
@@ -91,22 +91,27 @@ xsetroot -solid "#246ed8"
 # Get X2GoConfig
 BROKERURL=\$(cat /proc/cmdline | \
 	    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-	    awk -F'=' ' /^broker-url=/ { print \$2 }')
+	    awk -F'=' ' /^broker-url=/ { print \$2 }' | \
+	    tr -dc 'a-zA-Z0-9.:/?%_\-')
 SESSIONSELECT=\$(cat /proc/cmdline | \
 	    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
-	    awk -F'=' ' /^session=/ { print \$2 }')
+	    awk -F'=' ' /^session=/ { print \$2 }' | \
+	    tr -dc 'a-zA-Z0-9.:/ _\-')
 LDAP=\$(cat /proc/cmdline | \
 	    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
 	    sed 's/^ldap=/ldap#/' | \
-	    awk -F'#' ' /^ldap#/ { print \$2 }')
+	    awk -F'#' ' /^ldap#/ { print \$2 }' | \
+	    tr -dc 'a-zA-Z0-9.:_\-')
 LDAP1=\$(cat /proc/cmdline | \
 	    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
 	    sed 's/^ldap1=/ldap1#/' | \
-	    awk -F'#' ' /^ldap1#/ { print \$2 }')
+	    awk -F'#' ' /^ldap1#/ { print \$2 }' | \
+	    tr -dc 'a-zA-Z0-9.:_\-')
 LDAP2=\$(cat /proc/cmdline | \
 	    sed -e 's/ \([^ ]*\)=/\n\1=/g' | \
 	    sed 's/^ldap2=/ldap2#/' | \
-	    awk -F'#' ' /^ldap2#/ { print \$2 }')
+	    awk -F'#' ' /^ldap2#/ { print \$2 }' | \
+	    tr -dc 'a-zA-Z0-9.:_\-')
 
 
 # Check for background and branding SVGs
@@ -161,7 +166,7 @@ else
 	LDAPPARAMS=""
 fi
 
-BLANKINGTIME=\$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '\$1 == "blank" { print \$2 }')
+BLANKINGTIME=\$(cat /proc/cmdline | sed -e 's/ \([^ ]*\)=/\n\1=/g' | awk -F '=' '\$1 == "blank" { print \$2 }' | tr -dc '0-9:')
 if [ -n "\$BLANKINGTIME" ]; then
 	DPMSARR=(\$(echo \$BLANKINGTIME | awk -F ':' '\$1 ~/^[0-9]*\$/ && \$2 ~/^[0-9]*\$/ && \$3 ~/^[0-9]*\$/  { print \$1 " " \$2 " " \$3}'))
 	if [ \${DPMSARR[0]} -eq 0 ]; then

--
Alioth's /srv/git/code.x2go.org/live-build-x2go.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/live-build-x2go.git


More information about the x2go-commits mailing list