From 6389f9718f5f826736399c674f75c465e3203454 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Date: Tue, 27 Jul 2021 02:46:38 +0200
Subject: Hardening quoting in container main program.

Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
---
 bin/container | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/container b/bin/container
index 17bce7d..1ec73ef 100755
--- a/bin/container
+++ b/bin/container
@@ -42,9 +42,9 @@ COMMANDS="${1}"
 
 # Options
 shift 1
-OPTIONS="${@}"
+OPTIONS="${*}"
 
-for COMMAND in $(echo ${COMMANDS} | sed -e 's|,| |g')
+for COMMAND in $(echo "${COMMANDS}" | sed -e 's|,| |g')
 do
 	if [ ! -e "/usr/libexec/${PROGRAM}/${COMMAND}" ]
 	then
@@ -88,7 +88,7 @@ do
 					then
 						for TARGET in ${IRK_TARGETS}
 						do
-							irk ${TARGET} "\x0300${CONTAINER_USER}\x03@\x0312${HOST}:\x03 \x0303${PROGRAM}\x03 \x0307${COMMAND}\x03 ${OPTIONS}"
+							irk "${TARGET}" "\x0300${CONTAINER_USER}\x03@\x0312${HOST}:\x03 \x0303${PROGRAM}\x03 \x0307${COMMAND}\x03 ${OPTIONS}"
 						done
 					fi
 				fi
-- 
cgit v1.2.3