diff options
author | Erich Eckner <git@eckner.net> | 2018-05-30 11:56:27 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2018-05-30 11:56:27 +0200 |
commit | 82e16bd24ef847b86321f25a8dd416c813b970f9 (patch) | |
tree | 0441a5c47822bc8fba00a351d048dc71d52aeb8f /buildmaster | |
parent | 8abb1df6b81f38fc4717353af57e2952548c5baf (diff) | |
download | archweb32-82e16bd24ef847b86321f25a8dd416c813b970f9.tar.xz |
buildmaster/todos.php: base64_encode for dot to avoid bash mantraps
Diffstat (limited to 'buildmaster')
-rw-r--r-- | buildmaster/todos.php | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/buildmaster/todos.php b/buildmaster/todos.php index d6ad5f8..9785cf4 100644 --- a/buildmaster/todos.php +++ b/buildmaster/todos.php @@ -47,19 +47,18 @@ if (isset($_GET["graph"])) { $edges=$edges . "\"" . $link["depending_on"] . "\" -> \"" . $link["dependent"] . "\";\n"; } - $knots = str_replace("\$","\\\$",$knots); - $edges = str_replace("\$","\\\$",$edges); - header ("Content-type: image/png"); passthru( - "dot -Tpng -o/dev/stdout /dev/stdin <<EOF\n" . - "digraph dependencies {\n" . - "rankdir=LR;\n" . - "fontname=dejavu;\n" . - $knots . - $edges . - "}\n" . - "EOF\n" + "echo \"" . base64_encode( + "digraph dependencies {\n" . + "rankdir=LR;\n" . + "fontname=dejavu;\n" . + $knots . + $edges . + "}\n" + ) . "\" | " . + "base64 -d | " . + "dot -Tpng -o/dev/stdout /dev/stdin" ); } else { // isset($_GET["graph"]) |