From 5ce7a426b77f814973e56182a0e76a2b04904146 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Tschumperl=C3=A9?= <David.Tschumperle@gmail.com>
Date: Mon, 30 Jul 2018 10:14:53 +0200
Subject: [PATCH] Fix security problem in 'load_network()' preventing malicious
 urls

---
 CImg.h | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/CImg.h b/CImg.h
index 0ebeb03..5826c91 100644
--- a/CImg.h
+++ b/CImg.h
@@ -60571,17 +60571,21 @@ namespace cimg {
     if (timeout) {
       if (referer)
         cimg_snprintf(command,command._width,"%s -e %s -m %u -f --silent --compressed -o \"%s\" \"%s\"",
-                      cimg::curl_path(),referer,timeout,filename_local,url);
+                      cimg::curl_path(),referer,timeout,filename_local,
+                      CImg<char>::string(url)._system_strescape().data());
       else
         cimg_snprintf(command,command._width,"%s -m %u -f --silent --compressed -o \"%s\" \"%s\"",
-                      cimg::curl_path(),timeout,filename_local,url);
+                      cimg::curl_path(),timeout,filename_local,
+                      CImg<char>::string(url)._system_strescape().data());
     } else {
       if (referer)
         cimg_snprintf(command,command._width,"%s -e %s -f --silent --compressed -o \"%s\" \"%s\"",
-                      cimg::curl_path(),referer,filename_local,url);
+                      cimg::curl_path(),referer,filename_local,
+                      CImg<char>::string(url)._system_strescape().data());
       else
         cimg_snprintf(command,command._width,"%s -f --silent --compressed -o \"%s\" \"%s\"",
-                      cimg::curl_path(),filename_local,url);
+                      cimg::curl_path(),filename_local,
+                      CImg<char>::string(url)._system_strescape().data());
     }
     cimg::system(command);
 
@@ -60591,17 +60595,21 @@ namespace cimg {
       if (timeout) {
         if (referer)
           cimg_snprintf(command,command._width,"%s --referer=%s -T %u -q -r -l 0 --no-cache -O \"%s\" \"%s\"",
-                        cimg::wget_path(),referer,timeout,filename_local,url);
+                        cimg::wget_path(),referer,timeout,filename_local,
+                        CImg<char>::string(url)._system_strescape().data());
         else
           cimg_snprintf(command,command._width,"%s -T %u -q -r -l 0 --no-cache -O \"%s\" \"%s\"",
-                        cimg::wget_path(),timeout,filename_local,url);
+                        cimg::wget_path(),timeout,filename_local,
+                        CImg<char>::string(url)._system_strescape().data());
       } else {
         if (referer)
           cimg_snprintf(command,command._width,"%s --referer=%s -q -r -l 0 --no-cache -O \"%s\" \"%s\"",
-                        cimg::wget_path(),referer,filename_local,url);
+                        cimg::wget_path(),referer,filename_local,
+                        CImg<char>::string(url)._system_strescape().data());
         else
           cimg_snprintf(command,command._width,"%s -q -r -l 0 --no-cache -O \"%s\" \"%s\"",
-                        cimg::wget_path(),filename_local,url);
+                        cimg::wget_path(),filename_local,
+                        CImg<char>::string(url)._system_strescape().data());
       }
       cimg::system(command);
 
-- 
GitLab