diff --git a/app/calls_active/calls_active_inc.php b/app/calls_active/calls_active_inc.php
index 6eb0cdddb6..309248f5d8 100644
--- a/app/calls_active/calls_active_inc.php
+++ b/app/calls_active/calls_active_inc.php
@@ -202,8 +202,8 @@
echo "
".$domain_name." | \n";
}
echo "".$tmp_number." | \n";
- echo "".$cid_name." | \n";
- echo "".$cid_num." | \n";
+ echo "".escape($cid_name)." | \n";
+ echo "".escape($cid_num)." | \n";
echo "".$dest." | \n";
echo "".((strlen($application) > 0) ? $application.":".$application_data : null)." | \n";
echo "".$read_codec.":".$read_rate." / ".$write_codec.":".$write_rate." | \n";
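Review bot: Only `$cid_name` and `$cid_num` get escape() here, while `$tmp_number` on the line above and `$dest`, `$application.":".$application_data` and the codec/rate values on the lines below are still concatenated into the HTML unescaped, even though they come from the same per-call data. If any of those can be influenced by the calling party (the destination and application data plausibly are), the same fix belongs on those lines, e.g. `echo "".escape($dest)." | \n";` and `echo "".((strlen($application) > 0) ? escape($application.":".$application_data) : null)." | \n";`. The enclosing loop/block starts and ends outside the hunk.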
diff --git a/resources/install/scripts/app/fax/resources/scripts/hangup_rx.lua b/resources/install/scripts/app/fax/resources/scripts/hangup_rx.lua
index 9ebde58893..154bb7baad 100644
--- a/resources/install/scripts/app/fax/resources/scripts/hangup_rx.lua
+++ b/resources/install/scripts/app/fax/resources/scripts/hangup_rx.lua
@@ -57,6 +57,13 @@
return s
end
+-- escape shell arguments to prevent command injection
+
+ local function shell_esc(x)
+ return ("'"..x:gsub('\\', '\\\\')
+ :gsub('\'', '\\\'').."'")
+ end
+
-- set channel variables to lua variables
domain_uuid = env:getHeader("domain_uuid");
domain_name = env:getHeader("domain_name");
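Review bot: The quoting in shell_esc does not match POSIX single-quote rules: inside `'...'` a backslash is literal, so the emitted `\'` does not escape the quote but terminates the quoted string, and the doubled backslashes are passed through verbatim, changing the value. The usual form closes the quote, inserts an escaped one and reopens, `return "'" .. (x:gsub("'", "'\\''")) .. "'"`, with the backslash substitution dropped; the parentheses keep only the first of gsub's two return values. As a point of style, the `--` comment and the blank line after it sit at column 0 detached from the indented `local function`; keep the comment directly above the definition at the same indent.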
@@ -219,6 +226,8 @@
else
cmd = cmd .. "fax_prefix=false ";
end
+
+ cmd=shell_esc(cmd);
freeswitch.consoleLog("notice", "[fax] command: " .. cmd .. "\n");
result = api:execute("system", cmd);
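Review bot: `cmd=shell_esc(cmd)` wraps the whole assembled command line in one pair of single quotes, and since cmd is a space-separated command string (the line above appends `"fax_prefix=false "`), the entire string becomes a single shell word; if the `system` API hands it to a shell, it will look for a program whose name is the whole string instead of running it, which likely breaks fax receive rather than hardening it. Escaping has to be applied per untrusted value where cmd is assembled (outside this hunk), e.g. `cmd = cmd .. "fax_prefix=" .. shell_esc(value) .. " "`, leaving the program path and fixed flags unquoted. The consoleLog on the next line then records the quoted form, which is useful for confirming the escaping in the FreeSWITCH log.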