refactor(lpr): sanitizing cmd argument properly

2022-09-07 17:58:55 +02:00 · 2022-09-07 17:58:55 +02:00 · 68bd7ff51b
commit 68bd7ff51b
parent 6d7209b3da
1 changed files with 4 additions and 2 deletions
--- a/src/Utils/Print.hs
+++ b/src/Utils/Print.hs
@ -333,10 +333,12 @@ readProcess' pc = do

 sanitizeCmdArg :: Text -> Text 
 sanitizeCmdArg t =   
-  T.snoc (T.cons '"' $ T.filter (\c -> '"' /= c && '\\' /= c) t) '"'
+  T.snoc (T.cons '\'' $ T.filter (\c -> '\'' /= c && '"' /= c && '\\' /= c) t) '\''
 -- | Pin Password is used as a commandline argument in Utils.Print.encryptPDF and hence poses a security risk
 validCmdArgument :: Text -> Bool
-validCmdArgument t = not (T.null t) && (T.cons '"' (T.snoc t '"') == sanitizeCmdArg t)
+validCmdArgument t = not (T.null t) && (T.cons '\'' (T.snoc t '\'') == sanitizeCmdArg t)
+
+

 -----------
 -- pdftk --