nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-03-31 13:39:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add sanitize for the lua copy function

Browse Source
This commit is contained in:
FusionPBX
2026-03-22 03:34:26 +00:00
committed by GitHub
parent 0a63841e5a
commit 92ea4dc8db
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/switch/resources/scripts/resources/functions/copy.lua
View File

@@ -1,5 +1,9 @@
--add the copy function
function copy(src,dst)
--retrieve allowed characters and then use it to sanitize the dir variable
local allowed_chars = os.getenv("ALLOWED_CHARS") or "^%a%d%-%._~/"
dir = dir:gsub("[^" .. allowed_chars .. "]", "")
if (package.config:sub(1,1) == "/") then
--unix
cmd = [[cp "]] .. src .. [[" "]] .. dst .. [["]];