johanels/photoprism
1
0
Fork 0
mirror of https://github.com/photoprism/photoprism.git synced 2025-12-12 00:34:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Log4j: Sanitize user input in logs like filenames and album titles #1814

Browse Source
This commit is contained in:
Michael Mayer
2021-12-14 17:07:38 +01:00
parent ccfa99543d
commit 9a8144c046
101 changed files with 449 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/commands/backup.go
View File

@@ -113,7 +113,7 @@ func backupAction(ctx *cli.Context) error {
}
}
log.Infof("backing up database to %s", txt.Quote(indexFileName))
log.Infof("backing up database to %s", txt.LogParam(indexFileName))
}
var cmd *exec.Cmd
@@ -175,7 +175,7 @@ func backupAction(ctx *cli.Context) error {
albumsPath = conf.AlbumsPath()
}
log.Infof("backing up albums to %s", txt.Quote(albumsPath))
log.Infof("backing up albums to %s", txt.LogParam(albumsPath))
if count, err := photoprism.BackupAlbums(albumsPath, true); err != nil {
return err