From e64cb03654a5828e7b4fd47ea602a9cd474d0995 Mon Sep 17 00:00:00 2001
From: effectrenan
Date: Thu, 18 Feb 2021 14:01:49 -0300
Subject: [PATCH] Fix possible security issue in inetChecksite()
---
 lib/poc.js | 22 ++++++++++++++++++++++
 lib/util.js | 1 +
 2 files changed, 23 insertions(+)
 create mode 100644 lib/poc.js
diff --git a/lib/poc.js b/lib/poc.js
new file mode 100644
index 0000000..98e883d
--- /dev/null
+++ b/lib/poc.js
@@ -0,0 +1,22 @@
+let si = require('./internet');
+si.inetChecksite([]).then((a) => {
+ if (a.ok == false)
+ console.log("inetChecksite is fixed!")
+ else
+ console.log("inetChecksite is not fixed!")
+});
+
+
+si.inetLatency([]).then((a) => {
+ if (a == null)
+ console.log("inetLatency is fixed!")
+ else
+ console.log("inetLatency is not fixed!")
+});
+si = require('./processes');
+si.services([]).then((a) => {
+ if (typeof a == typeof [])
+ console.log("services is fixed!")
+ else
+ console.log("services is not fixed!")
+});
diff --git a/lib/util.js b/lib/util.js
index 56b80d2..24b3e6e 100644
--- a/lib/util.js
+++ b/lib/util.js
@@ -529,6 +529,7 @@ function sanitizeShellString(str, strict = false) {
 s[i] === '\'' ||
 s[i] === '`' ||
 s[i] === '"' ||
+ strict && s[i] === '@' ||
 strict && s[i] === ' ' ||
 strict && s[i] == '{' ||
 strict && s[i] == ')')) {
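Review bot: The `services` check at the end of lib/poc.js cannot tell a fixed build from an unfixed one, because `typeof a == typeof []` compares against the string 'object' and is therefore true for any object and for `null`; `if (Array.isArray(a))` states what the check presumably means. None of the three `.then()` chains has a rejection handler, so if a sanitised call rejects instead of resolving, the script prints no verdict for it; adding `.catch((e) => console.log("services rejected:", e.message))` (and the equivalent for the other two) would make that outcome visible. The file is created under lib/, next to the modules it requires, so it would presumably be published with the package; a test directory is a better home for a regression check like this.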
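Review bot: The added line `strict && s[i] === '@' ||` extends a per-character denylist, but nothing visible in this hunk ensures that `s[i]` is a single character: the PoC in this same patch passes arrays, and for an array each `s[i]` is a whole element that would not equal any of these one-character literals. sanitizeShellString starts and ends outside the hunk, so a type check may already exist there; if it does not, a guard such as `if (typeof str !== 'string') { return ''; }` at the top of the function (or the same check in each caller) closes that gap independently of the character list. A short comment on the new line saying why '@' is rejected only in strict mode would also help the next person who extends the list.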