From ed30787ca4f91aaba67eb4b84a345e398f1e050d Mon Sep 17 00:00:00 2001
From: Erik Karlsson
Date: Wed, 14 May 2025 10:12:30 +0200
Subject: [PATCH] map-controller: fix potential shell injection in 99-mapcntlr

Expand variables which may contain "user input" in the second pass (production data is not likely to contain anything unsafe but it is better to be on the safe side). In addition use "$@" instead of hardcoded parameters and handle json_select failure. Use OpenWrt get_mac_label instead of legacy methods to obtain MAC address.
---
 .../files/etc/uci-defaults/99-mapcntlr | 26 +++++++++++--------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/map-controller/files/etc/uci-defaults/99-mapcntlr b/map-controller/files/etc/uci-defaults/99-mapcntlr
index e7ce96cc9..91edcd54e 100644
--- a/map-controller/files/etc/uci-defaults/99-mapcntlr
+++ b/map-controller/files/etc/uci-defaults/99-mapcntlr
@@ -1,4 +1,6 @@
 #!/bin/sh
+
+. /lib/functions/system.sh
 . /usr/share/libubox/jshn.sh
 CFG=/etc/board.json
@@ -7,8 +9,7 @@ CFG=/etc/board.json
 WIFI_BH_KEY=$(openssl rand -rand /dev/urandom -hex 64 2>/dev/null | openssl dgst -hex -sha256 | cut -d " " -f 2)
 WIFI_BH_KEY=${WIFI_BH_KEY::-1}
-BASEMAC_ADDR="$(fw_printenv -n ethaddr | tr -d ':' | tr 'a-z' 'A-Z')"
-[ ${#BASEMAC_ADDR} -eq 12 ] || BASEMAC_ADDR="$(db -q get device.deviceinfo.BaseMACAddress | tr -d ':')"
+BASEMAC_ADDR="$(get_mac_label | tr -d ':' | tr 'a-z' 'A-Z')"
 FALLBACK_SSID="$DEVICE_MANUFACTURER-$BASEMAC_ADDR"
 FALLBACK_KEY="1234567890"
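Review bot: The new `BASEMAC_ADDR` assignment in the second hunk drops the old `[ ${#BASEMAC_ADDR} -eq 12 ]` length check, so an empty or malformed result from `get_mac_label` now flows straight into `FALLBACK_SSID`. If a board defines no label MAC (this hunk does not show whether every target does), the fallback SSID would be `$DEVICE_MANUFACTURER-` on every unit, and it is paired with the fixed `FALLBACK_KEY` on the line below. I would keep a sanity check after the assignment, for example `[ "${#BASEMAC_ADDR}" -eq 12 ] || echo "99-mapcntlr: no label MAC, fallback SSID is not unique" >&2`, or retain one of the previous sources as a fallback.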
@@ -19,15 +20,15 @@ FALLBACK_ALL_ENCRYPTION="sae-mixed"
 set_per_band_callback() {
 local band="$2"
- json_select "$band"
+ json_select "$band" || return
 local ssid encryption key
 json_get_vars ssid encryption key
 case "$band" in
 all|2g|5g|6g)
 local band_upper="$(printf "%s" "$band" | tr 'a-z' 'A-Z')"
- eval "export -- WIFI_FH_${band_upper}_SSID='$ssid'"
- eval "export -- WIFI_FH_${band_upper}_ENCRYPTION='$encryption'"
- eval "export -- WIFI_FH_${band_upper}_KEY='$key'"
+ eval "WIFI_FH_${band_upper}_SSID=\$ssid"
+ eval "WIFI_FH_${band_upper}_ENCRYPTION=\$encryption"
+ eval "WIFI_FH_${band_upper}_KEY=\$key"
 ;;
 esac
 json_select ..
@@ -36,25 +37,28 @@ set_per_band_callback() {
 set_vars_from_board_json() {
 json_init
 json_load_file "$CFG"
- json_select wlan
- json_select defaults
- json_for_each_item set_per_band_callback ssids
+ if json_select wlan && json_select defaults && json_is_a ssids object; then
+ json_for_each_item set_per_band_callback ssids
+ fi
 json_cleanup
 }
 set_in_priority() {
 local destination="$1"
- for alternative in $2 $3 $4 $5 $6 $7 $8 $9; do
+ local alternative value
+ shift
+ for alternative in "$@"; do
 eval "value=\${${alternative}}"
 if [ -n "$value" ]; then
 echo "Setting $destination to '$value' from \$$alternative"
- eval "export -- ${destination}='$value'"
+ eval "${destination}=\$value"
 break
 fi
 done
 }
 set_missing_vars_from_fallback() {
+ local band what
 for band in ALL 2G 5G 6G; do
 for what in SSID KEY; do
 set_in_priority \
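Review bot: The three rewritten `eval` lines in set_per_band_callback also drop `export --`, as does the matching line in set_in_priority in the next hunk, and the commit message does not mention this. The `WIFI_FH_*` values become plain shell variables, so a child process that used to read them from the environment would now see them unset; whether such a consumer exists is not visible in this hunk. If the removal is intentional, a comment above the first eval such as `# kept shell-local on purpose; nothing is exported to child processes` would record it. The `\$ssid` form itself is sound, because the enclosing `case` limits `band_upper` to `ALL`, `2G`, `5G` or `6G`; the function's closing brace lies outside the hunk.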
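Review bot: In set_in_priority the unchanged `echo "Setting $destination to '$value' from \$$alternative"` prints the selected value, and set_missing_vars_from_fallback calls it for `KEY`, so Wi-Fi passphrases end up in whatever captures this script's output. Logging only the names would avoid that: `echo "Setting $destination from \$$alternative"`. The two evals still splice `$alternative` and `$destination` in as raw text, so the fix protects values but not names. The callers visible here build those names inside the script, so a guard is defence in depth: `case "$destination$alternative" in *[!A-Za-z0-9_]*) return 1 ;; esac` as the first statement of the loop body. The body of set_missing_vars_from_fallback continues past the end of the hunk.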