Skip to content

Commit 484f091

Browse files
committed
Prevent race condition with unique file identifiers
1 parent 6e14b54 commit 484f091

1 file changed

Lines changed: 6 additions & 13 deletions

File tree

emhttp/plugins/dynamix/include/OpenTerminal.php

Lines changed: 6 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -40,15 +40,6 @@ function command($path,$file) {
4040
global $run,$wait,$rows;
4141
return (file_exists($file) && substr($file,0,strlen($path))==$path) ? "$run tail -f -n $rows '$file'" : $wait;
4242
}
43-
function bre_escape($s, $delimiter = null) {
44-
// escape BRE meta characters: . * [ ] ^ $ \
45-
$escaped = preg_replace('/([.*\[\]^$\\\\])/', '\\\\$1', $s);
46-
// additionally escape delimiter if provided
47-
if ($delimiter !== null) {
48-
$escaped = str_replace($delimiter, '\\' . $delimiter, $escaped);
49-
}
50-
return $escaped;
51-
}
5243
function sed_escape($s) {
5344
// escape sed replacement meta characters: & and \
5445
return str_replace(['\\', '&'], ['\\\\', '\\&'], $s);
@@ -79,7 +70,9 @@ function sed_escape($s) {
7970
}
8071

8172
// Set script variables
82-
$exec = "/var/tmp/file.manager.terminal.sh";
73+
$unique_id = getmypid() . '_' . uniqid(); // prevent race condition with multiple terminals
74+
$exec = "/var/tmp/file.manager.terminal.$unique_id.sh";
75+
$profile = "/tmp/file.manager.terminal.$unique_id.profile";
8376
$escaped_path = str_replace("'", "'\\''", $real_path);
8477
$sed_escaped = sed_escape($escaped_path);
8578

@@ -92,10 +85,10 @@ function sed_escape($s) {
9285
$script_content = <<<BASH
9386
#!/bin/bash
9487
# Modify /etc/profile to replace 'cd \$HOME' with our target path
95-
sed 's#^cd \$HOME#cd '\''$sed_escaped'\''#' /etc/profile > /tmp/file.manager.terminal.profile
96-
source /tmp/file.manager.terminal.profile
88+
sed 's#^cd \$HOME#cd '\''$sed_escaped'\''#' /etc/profile > '$profile'
89+
source '$profile'
9790
source /root/.bash_profile 2>/dev/null
98-
rm /tmp/file.manager.terminal.profile
91+
rm '$profile'
9992
# Delete this script and exec shell (bash has already loaded this into memory)
10093
{ rm -f '$exec'; exec $user_shell --norc -i; }
10194
BASH;

0 commit comments

Comments
 (0)