Snippets Groups Projects

Prevent argument injection in `exiftool`

We're using exiftool with Popen, thus making us vulnerable to argument injection. We can't simply blacklist files starting with a dash (-) because that's kind of legitimate.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Child items ...

Activity

jvoisin @jvoisin · 6 years ago

Author Owner

Done in 6a832a41 but it's a bit hackish :/
jvoisin closed 6 years ago

closed
jvoisin changed milestone to %0.1.2 - Duck 6 years ago

changed milestone to %0.1.2 - Duck

Please register or sign in to reply