summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2018-05-30 11:56:27 +0200
committerErich Eckner <git@eckner.net>2018-05-30 11:56:27 +0200
commit82e16bd24ef847b86321f25a8dd416c813b970f9 (patch)
tree0441a5c47822bc8fba00a351d048dc71d52aeb8f
parent8abb1df6b81f38fc4717353af57e2952548c5baf (diff)
downloadarchweb32-82e16bd24ef847b86321f25a8dd416c813b970f9.tar.xz
buildmaster/todos.php: base64_encode for dot to avoid bash mantraps
-rw-r--r--buildmaster/todos.php21
1 files changed, 10 insertions, 11 deletions
diff --git a/buildmaster/todos.php b/buildmaster/todos.php
index d6ad5f8..9785cf4 100644
--- a/buildmaster/todos.php
+++ b/buildmaster/todos.php
@@ -47,19 +47,18 @@ if (isset($_GET["graph"])) {
$edges=$edges . "\"" . $link["depending_on"] . "\" -> \"" . $link["dependent"] . "\";\n";
}
- $knots = str_replace("\$","\\\$",$knots);
- $edges = str_replace("\$","\\\$",$edges);
-
header ("Content-type: image/png");
passthru(
- "dot -Tpng -o/dev/stdout /dev/stdin <<EOF\n" .
- "digraph dependencies {\n" .
- "rankdir=LR;\n" .
- "fontname=dejavu;\n" .
- $knots .
- $edges .
- "}\n" .
- "EOF\n"
+ "echo \"" . base64_encode(
+ "digraph dependencies {\n" .
+ "rankdir=LR;\n" .
+ "fontname=dejavu;\n" .
+ $knots .
+ $edges .
+ "}\n"
+ ) . "\" | " .
+ "base64 -d | " .
+ "dot -Tpng -o/dev/stdout /dev/stdin"
);
} else { // isset($_GET["graph"])