diff options
Diffstat (limited to 'src/Cache.cpp')
| -rw-r--r-- | src/Cache.cpp | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/Cache.cpp b/src/Cache.cpp index cf1510a..a6270f0 100644 --- a/src/Cache.cpp +++ b/src/Cache.cpp @@ -357,6 +357,7 @@ namespace dchat string downloadLimitBytesStr = to_string(downloadLimitBytes); + // TODO: Escape url, it can contain escape sequence and execute shell code maliciously... Process::string_type cmd = "curl -L --silent -o '"; cmd += filepath.native(); cmd += "' --max-filesize " + downloadLimitBytesStr + " --range 0-" + downloadLimitBytesStr + " --url '" + url + "'"; |