Quote arguments to shell when sending email

Note that the function switch_util_quote_shell_arg is implemented
incorrectly for unix shells, so this is still not safe until that
function is fixed.

Reported-by: Nathan Neulinger <nneul@mst.edu>
FS-5450 --resolve

diff --git a/src/switch_utils.c b/src/switch_utils.c
index ddfe0931a02aee4cfa23ef72907a082202085b0c..be6adb94ccbfc976caa9965a77ecf05dc898bd35 100644 (file)
--- a/src/switch_utils.c
+++ b/src/switch_utils.c
@@ -909,11 +909,17 @@ SWITCH_DECLARE(switch_bool_t) switch_simple_email(const char *to,
        if (zstr(from)) {
                from = "freeswitch";
        }
+
+       {
+               char *to_arg = switch_util_quote_shell_arg(to);
+               char *from_arg = switch_util_quote_shell_arg(from);
 #ifdef WIN32
-       switch_snprintf(buf, B64BUFFLEN, "\"\"%s\" -f %s %s %s < \"%s\"\"", runtime.mailer_app, from, runtime.mailer_app_args, to, filename);
+               switch_snprintf(buf, B64BUFFLEN, "\"\"%s\" -f %s %s %s < \"%s\"\"", runtime.mailer_app, from_arg, runtime.mailer_app_args, to_arg, filename);
 #else
-       switch_snprintf(buf, B64BUFFLEN, "/bin/cat %s | %s -f %s %s %s", filename, runtime.mailer_app, from, runtime.mailer_app_args, to);
+               switch_snprintf(buf, B64BUFFLEN, "/bin/cat %s | %s -f %s %s %s", filename, runtime.mailer_app, from_arg, runtime.mailer_app_args, to_arg);
 #endif
+               switch_safe_free(to_arg); switch_safe_free(from_arg);
+       }
        if (switch_system(buf, SWITCH_TRUE) < 0) {
                switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Unable to execute command: %s\n", buf);
                err = "execute error";