Escape project directory in shell commands
[gitphp.git] / include / git / FileHistory.class.php
blob:a/include/git/FileHistory.class.php -> blob:b/include/git/FileHistory.class.php
--- a/include/git/FileHistory.class.php
+++ b/include/git/FileHistory.class.php
@@ -280,7 +280,7 @@
 		$args[] = $this->path;
 		$args[] = '|';
 		$args[] = $this->exe->GetBinary();
-		$args[] = '--git-dir=' . $this->project->GetPath();
+		$args[] = '--git-dir=' . escapeshellarg($this->project->GetPath());
 		$args[] = GIT_DIFF_TREE;
 		$args[] = '-r';
 		$args[] = '--stdin';

comments