diff --git a/java/sage/IOUtils.java b/java/sage/IOUtils.java
index b929bc81..08beaa9b 100644
--- a/java/sage/IOUtils.java
+++ b/java/sage/IOUtils.java
@@ -1143,8 +1143,9 @@ public static int doNFSMount(String nfsPath, String localPath)
 if (!Sage.LINUX_OS) return NFS_MOUNT_FAILED;
 if (nfsPath.startsWith("nfs://")) nfsPath = nfsPath.substring(6);
- // Check if the mount is already done
- if (IOUtils.exec2(new String[] { "sh", "-c", "mount -t nfs | grep -i \"" + localPath + "\"" }) == 0)
+ // Check if the mount is already done — avoid sh -c to prevent shell injection via localPath
+ String mountOutput = IOUtils.exec(new String[] { "mount", "-t", "nfs" });
+ if (mountOutput != null && mountOutput.toLowerCase().contains(localPath.toLowerCase()))
 {
 //if (Sage.DBG) System.out.println("NFS Mount already exists");
 return NFS_MOUNT_EXISTS;
diff --git a/java/sage/MediaFile.java b/java/sage/MediaFile.java
index 64227b6b..213f4179 100644
--- a/java/sage/MediaFile.java
+++ b/java/sage/MediaFile.java
@@ -3685,7 +3685,8 @@ else if (generalType == MEDIAFILE_DEFAULT_DVD_DRIVE)
 // It returns 0 if there's valid media in the drive (not blank either)
 String burnPath = Sage.get("linux/cd_burn", "cdrecord");
 String devPath = Sage.get("default_burner_device", "/dev/cdrom");
- int rez = IOUtils.exec2(new String[] { "sh", "-c", burnPath + " -toc dev=" + devPath });
+ // Use array form to avoid shell injection via burnPath/devPath properties
+ int rez = IOUtils.exec2(new String[] { burnPath, "-toc", "dev=" + devPath });
 if (Sage.DBG) System.out.println("Checking DVD status rez: " + rez);
 return rez == 0;
 }
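Review bot: The new `if` line in doNFSMount still decides "already mounted" by plain substring, so a `localPath` of `/mnt/media` also matches a target `/mnt/media2` or an NFS export path that merely contains that text, and the function then returns NFS_MOUNT_EXISTS without mounting anything. On Linux, which the LINUX_OS guard restricts this to, `mount -t nfs` prints one `<source> on <target> type nfs (...)` line per mount, so matching the target field makes the check exact for the literal path: `if (mountOutput != null && mountOutput.toLowerCase().contains((" on " + localPath + " type nfs").toLowerCase()))`. The switch from exec2 to exec presumably changes the result from an exit code to captured output; the null guard then covers a failed launch, and a short comment such as `// null (mount failed to run) deliberately falls through to attempting the mount` would make that intent visible. The em dash in the new comment is a non-ASCII character that javac reports as unmappable when the source encoding is not configured as UTF-8; an ASCII hyphen avoids that. doNFSMount starts before and continues after this hunk.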
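Review bot: The new exec2 call on the `int rez` line treats the whole `linux/cd_burn` property value as a single argv[0], whereas the removed shell form let it carry extra words, so a configured value containing a wrapper or flags (a hypothetical `sudo cdrecord`, say) now fails to launch instead of running; that compatibility change is not mentioned in the commit. A comment on the new line such as `// linux/cd_burn must be a bare executable path; arguments are no longer parsed from it` would make the contract explicit. The property values still come from the application's own settings store, so the array form removes shell metacharacter interpretation but not the need to trust that store. If wrapper values need to keep working, splitting `burnPath` on whitespace into the argument array before appending `-toc` and `dev=` would preserve the old behavior without reintroducing the shell. The enclosing method starts before this hunk.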