From 6798b001e1581f5cf1a2a67dfff529cc6c0bf128 Mon Sep 17 00:00:00 2001
From: William Stone
Date: Tue, 7 Apr 2026 11:56:46 -0500
Subject: [PATCH] patch command injection vulnerability
---
 main.c | 13 ++++++++++++-
 main.h | 1 +
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/main.c b/main.c
index 42aaa7e85..01a30b704 100644
--- a/main.c
+++ b/main.c
@@ -1510,7 +1510,7 @@ void get_tlm(void) {
 printf("\n\nTelemetry string is %s \n\n", str);
- if (transmit) {
+ if (transmit && is_safe_input(str)) {
 FILE * file2 = popen(str, "r");
 pclose(file2);
@@ -1530,6 +1530,17 @@ void get_tlm(void) {
 return;
 }
+int is_safe_input(const char *s) {
+ for (; *s; s++) {
+ if (!isdigit((unsigned char)*s) && !isupper((unsigned char)*s) && *s != '.' && *s != '-' && *s != '+' && *s != ' ' && *s != '\n' && *s != '_')
+ return 0;
+ }
+ return 1;
+}
+
 // generates telemetry which is decoded by AMSAT's FoxTelem: https://www.amsat.org/foxtelem-software-for-windows-mac-linux/
 // for more info about how we use FoxTelem see https://www.g0kla.com/foxtelem/amsat_telemetry_designers_handbook.pdf
diff --git a/main.h b/main.h
index 7c8f2386c..80bc8a1f5 100644
--- a/main.h
+++ b/main.h
@@ -98,6 +98,7 @@ extern const unsigned char ALPHA_TO[];
 // const unsigned char *CCodecAO40::encode(unsigned char *source_bytes, int byte_count);
 void program_radio();
 void socket_send(int length);
+int is_safe_input(const char *s);
 int socket_open = 0;
 int sock = 0;
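Review bot: The new guard on the `if (transmit && is_safe_input(str))` line still leaves `popen(str, "r")` on the next line, so `str` continues to reach `sh -c`; the fix is a character filter placed in front of the shell rather than removal of the shell, and if the command and its arguments are known where `str` is built (before this hunk), `fork` + `execv` with an argv array would close the injection surface outright, with the allowlist kept as defence in depth. A rejected string is silent — the branch simply does not transmit — so an else branch with `fprintf(stderr, "telemetry string rejected by is_safe_input, not transmitting\n");` would let an operator tell a rejected string from a disabled transmit. The allowlist admits no lowercase letters and no '/', so whatever command `str` names must be an uppercase name resolved via PATH; this is worth confirming against the code that builds `str`, since otherwise every transmit is now rejected. `popen` can return NULL and `pclose(NULL)` is undefined behaviour, so the new side should test `file2` before closing it. get_tlm starts before this hunk and continues after it.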
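Review bot: `is_safe_input` admits `'\n'`, and `sh -c` (which `popen` runs) treats a newline as a command separator, so a string that passes this gate can still carry a second command line built from the allowed alphabet; the newline should be rejected, or tolerated only as the final byte if the telemetry string legitimately ends with one (how `str` is built is outside the hunk). `isdigit`/`isupper` are locale-sensitive — after a `setlocale` call `isupper` can accept bytes above 0x7F — so explicit `'0'..'9'` / `'A'..'Z'` range tests make the allowlist exact and drop the `<ctype.h>` dependency, which this diff does not show being included. A NULL `s` is dereferenced on the first iteration. The function also has no header comment; the version below documents the allowlist and the reason it exists.
```c
/* Allowlist gate for strings that get_tlm() hands to popen(): returns 1
 * if every byte is a digit, 'A'..'Z', '.', '-', '+', ' ' or '_', else 0.
 * A newline is accepted only as the last byte, because sh -c treats an
 * embedded newline as a command separator. NULL is rejected. */
int is_safe_input(const char *s) {
  if (s == NULL)
    return 0;
  for (; *s; s++) {
    unsigned char c = (unsigned char)*s;
    if ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z'))
      continue;
    if (c == '\n' && s[1] == '\0')
      continue;
    if (c != '.' && c != '-' && c != '+' && c != ' ' && c != '_')
      return 0;
  }
  return 1;
}
```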