Impact: prevent running stupid commands
The code didn't prevents from executing stupid "'" commands
/* Searching & saving all commands */
mypch = strtok (temp,AUTO_SEPARATOR);
while (mypch != NULL) {
- if (strlen(remove_spaces(mypch))>0) {
+ if ((strlen(remove_spaces(mypch))>0) && (remove_spaces(mypch)[0] !='\'')) {
nb_commands++;
if ((commands[nb_commands]=malloc(AUTO_COMMAND_SIZE)) != NULL) {
sprintf(commands[nb_commands],"%s",remove_spaces(mypch));