From: Philip Prindeville <philipp@redfish-solutions.com>
Date: Sat, 9 Aug 2025 03:48:06 +0000 (-0600)
Subject: isc-dhcpd: quote filenames for safety
X-Git-Url: http://git.openwrt.org/%22https:/collectd.org//%22/%22https:/collectd.org/%22?a=commitdiff_plain;h=ae8a2d515df8f3638d03b3dbf7f412bca3f17c3f;p=feed%2Fpackages.git

isc-dhcpd: quote filenames for safety

Per best practices, we should protect against wildcards in
variable expansions.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
---

diff --git a/net/isc-dhcp/files/dhcpd.init b/net/isc-dhcp/files/dhcpd.init
index 7f32e41f4c..66b7606175 100755
--- a/net/isc-dhcp/files/dhcpd.init
+++ b/net/isc-dhcp/files/dhcpd.init
@@ -638,7 +638,7 @@ start_service() {
 	else
 		. /lib/functions/network.sh
 
-		local dyn_file=$(mktemp -u /tmp/dhcpd.XXXXXX)
+		local dyn_file="$(mktemp -u /tmp/dhcpd.XXXXXX)"
 
 		config_load dhcp
 
@@ -653,7 +653,7 @@ start_service() {
 		general_config > $config_file
 
 		if [ $dynamicdns -eq 1 ]; then
-			cat <<EOF > $dyn_file
+			cat <<EOF > "$dyn_file"
 ; Generated by /etc/init.d/dhcpd at $(date)
 
 ttl $TTL
@@ -681,11 +681,11 @@ EOF
 
 			no_ipv6 && args="-4"
 
-			nsupdate -l -v $args $dyn_file
+			nsupdate -l -v $args "$dyn_file"
 
 		fi
 
-		rm -f $dyn_file
+		rm -f "$dyn_file"
 
 		[ -z "$dhcp_ifs" ] && return 0
 	fi