RCE is bad please take it away
This commit is contained in:
parent
299d1784e9
commit
6347324899
|
@ -40,9 +40,9 @@ if (!isset($decoded["repository"]["html_url"])) {
|
|||
exit();
|
||||
}
|
||||
|
||||
$repo = $decoded["repository"]["html_url"];
|
||||
// Please no Remote Code Execution
|
||||
$repo = escapeshellarg($decoded["repository"]["html_url"]);
|
||||
|
||||
// TODO: looks dangerous but i have no clue what PHP is doing here
|
||||
$secret = shell_exec("forgehook secret ".$repo);
|
||||
|
||||
if ($secret == NULL) {
|
||||
|
|
Reference in New Issue