diff options
author | Florian Pritz <bluewind@xinu.at> | 2018-03-20 17:30:02 +0100 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2018-03-20 17:30:02 +0100 |
commit | 006cf0764295d37daa597f4ea9cf31abb75d1b68 (patch) | |
tree | 4f40341fef42c760330e2caa501881ab195a67b2 /system/libraries/Image_lib.php | |
parent | 61e2a033717a4669117696d0b6913474e3f57954 (diff) | |
parent | 02a0518e1c56ba3506f370362ac5ebdb8a138312 (diff) |
Merge tag 'ci-upstream/3.1.7' into dev
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'system/libraries/Image_lib.php')
-rw-r--r-- | system/libraries/Image_lib.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 88c9e7ede..b9adcd6e5 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2017, British Columbia Institute of Technology + * Copyright (c) 2014 - 2018, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 @@ -972,7 +972,7 @@ class CI_Image_lib { $cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height; } - $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; + $cmd = $this->library_path.$cmd_in.' '.escapeshellarg($this->full_src_path).' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; $retval = 1; // exec() might be disabled |