mike/systeminformation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #10 from EffectRenan/master

Browse Source 
Fix Improper Input Validation
This commit is contained in:
huntr.dev | the place to protect open source 2021-05-04 14:32:29 +01:00 committed by GitHub
commit 51f761059d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/docker.js
View File

@ -159,7 +159,7 @@ function dockerImagesInspect(imageID, payload) {
process.nextTick(() => { process.nextTick(() => {
imageID = imageID || ''; imageID = imageID || '';
if (typeof imageID !== 'string') { if (typeof imageID !== 'string') {
resolve(); return resolve();
} }
const imageIDSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(imageID, true)).trim(); const imageIDSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(imageID, true)).trim();
if (imageIDSanitized) { if (imageIDSanitized) {
@ -307,7 +307,7 @@ function dockerContainerInspect(containerID, payload) {
process.nextTick(() => { process.nextTick(() => {
containerID = containerID || ''; containerID = containerID || '';
if (typeof containerID !== 'string') { if (typeof containerID !== 'string') {
resolve(); return resolve();
} }
const containerIdSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(containerID, true)).trim(); const containerIdSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(containerID, true)).trim();
if (containerIdSanitized) { if (containerIdSanitized) {
@ -601,7 +601,7 @@ function dockerContainerProcesses(containerID, callback) {
process.nextTick(() => { process.nextTick(() => {
containerID = containerID || ''; containerID = containerID || '';
if (typeof containerID !== 'string') { if (typeof containerID !== 'string') {
resolve(result); return resolve(result);
} }
const containerIdSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(containerID, true)).trim(); const containerIdSanitized = (util.isPrototypePolluted() ? '' : util.sanitizeShellString(containerID, true)).trim();