Snoopy / Bugs / #80 using curl command line escapeshellcmd will cause bug

#80 using curl command line escapeshellcmd will cause bug

Milestone: None

Status: closed-fixed

Owner: Gene Wood

Labels: None

Priority: 5

Updated: 2015-05-31

Created: 2012-04-15

Creator: jessekii

Private: No

escapeshellcmd will change '?' to '\?' , and will cause 404 not found bug !

so I changed the code:
Line 1012

exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);

$safe_url = str_replace(array(' ', '"'), array('%20', '%22'), $URI);
exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".$safe_url."\"",$results,$return);

Discussion

Esben Madsen - 2013-06-18

A safer solution would be to remove the quotes around the escapeshellcmd - I did this when hitting the bug in opendb
https://github.com/pellcorp/opendb/commit/05e37af6e94f6816a6efd19dc60fcb423f7265b7#lib/Snoopy.class.php

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Gene Wood - 2015-05-31

Thanks for the bug report. Snoopy 2.0.0 no longer uses curl an instead uses openssl so all curl issues are now resolved.

You can get the new version of Snoopy 2.0.0 here

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Gene Wood - 2015-05-31

status: open --> closed-fixed

assigned_to: Gene Wood

Group: -->
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

using curl command line escapeshellcmd will cause bug

Group

Searches

Help

#80 using curl command line escapeshellcmd will cause bug

Discussion