tiennm99/coolify
1
0
Fork 0
mirror of https://github.com/tiennm99/coolify.git synced 2026-04-17 17:21:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection

Browse Source
This commit is contained in:
Andras Bacsai
2025-11-25 16:40:35 +01:00
parent 6c030d96f2
commit 9113ed714f
9 changed files with 272 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Events/RestoreJobFinished.php
View File

@@ -22,11 +22,11 @@ class RestoreJobFinished
$commands = [];
if (isSafeTmpPath($scriptPath)) {
$commands[] = "docker exec {$container} sh -c 'rm ".escapeshellarg($scriptPath)." 2>/dev/null || true'";
$commands[] = 'docker exec '.escapeshellarg($container)." sh -c 'rm ".escapeshellarg($scriptPath)." 2>/dev/null || true'";
}
if (isSafeTmpPath($tmpPath)) {
$commands[] = "docker exec {$container} sh -c 'rm ".escapeshellarg($tmpPath)." 2>/dev/null || true'";
$commands[] = 'docker exec '.escapeshellarg($container)." sh -c 'rm ".escapeshellarg($tmpPath)." 2>/dev/null || true'";
}
if (! empty($commands)) {