From 3f84c582f966f83d86cf066328eeced4704d63a4 Mon Sep 17 00:00:00 2001
From: Daniil Baturin <daniil@vyos.io>
Date: Fri, 19 Jun 2020 02:11:21 +0300
Subject: T1901: quote the value to avoid having the shell interpret anything
 as a part of the command.

---
 src/validate_value.ml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/validate_value.ml b/src/validate_value.ml
index 3af58e0..250f9f1 100644
--- a/src/validate_value.ml
+++ b/src/validate_value.ml
@@ -11,7 +11,7 @@ let validate_value value_constraint value =
                 especially when the input comes directly from the user...
                 We should do something about it.
          *)
-        let result = Unix.system (Printf.sprintf "%s %s" c value) in
+        let result = Unix.system (Printf.sprintf "%s \'%s\'" c value) in
         match result with
         | Unix.WEXITED 0 -> true
         | Unix.WEXITED 127 ->
-- 
cgit v1.2.3