Implements #6822 Disallow backslashes in URL cron

Author: tbrehm

interface/lib/classes/validate_cron.inc.php

@@ -53,6 +53,10 @@ function command_format($field_name, $field_value, $validator) {
 			if($parsed["scheme"] != "http" && $parsed["scheme"] != "https") return $this->get_error($validator['errmsg']);
 
 			if(preg_match("'^([a-z0-9][a-z0-9_\-]{0,62}\.)+([A-Za-z0-9\-]{2,63})$'i", $parsed["host"]) == false) return $this->get_error($validator['errmsg']);
+
+			if(strpos($field_value, '\\') !== false) {
+				return $this->get_error($validator['errmsg']);
+			}
 		}
 		if(strpos($field_value, "\n") !== false || strpos($field_value, "\r") !== false || strpos($field_value, chr(0)) !== false) {
 			return $this->get_error($validator['errmsg']);

server/plugins-available/cron_plugin.inc.php

@@ -254,6 +254,11 @@ function _write_crontab() {
 
 				$cron_line .= "\t{$this->parent_domain['system_user']}"; //* running as user
 				if($job['type'] == 'url') {
+					// Check that command does not contain a backslash
+					if (strpos($job['command'], '\\') !== false) {
+						$app->log("Insecure Cron job SKIPPED: " . $job['command'], LOGLEVEL_WARN);
+						continue;
+					}
 					$cron_line .= "\t{$cron_config['wget']} --no-check-certificate --user-agent='Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0' -q -t 1 -T 7200 -O " . $log_wget_target . " " . escapeshellarg($job['command']) . " " . $log_target;
 				} else {
 					$web_root = '';