From 82ba7f25b0ad8f9a9ab92ae443c6568543deb5ef Mon Sep 17 00:00:00 2001
From: odain <olivier.dain@combodo.com>
Date: Wed, 17 Feb 2021 10:18:28 +0100
Subject: [PATCH] =?UTF-8?q?N=C2=B03412=20-=20Command=20Injection=20vulnera?=
 =?UTF-8?q?bility=20in=20the=20Setup=20Wizard=20-=20do=20not=20use=20escap?=
 =?UTF-8?q?eshellcmd=20before=20execution=20in=20Windows=20envt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/utils.inc.php      | 2 +-
 setup/setuputils.class.inc.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/application/utils.inc.php b/application/utils.inc.php
index 738971a60..92915bfc2 100644
--- a/application/utils.inc.php
+++ b/application/utils.inc.php
@@ -2342,7 +2342,7 @@ class utils
 	 * @return bool : indicate whether we run under a windows environnement or not
 	 * @since 2.7.4 : N°3412
 	 */
-	public static function IsWindows(){
+	public static function IsWindowsEnvironment(){
 		return (substr(PHP_OS,0,3) === 'WIN');
 	}
 }
diff --git a/setup/setuputils.class.inc.php b/setup/setuputils.class.inc.php
index 23f1d8692..fc69f16bb 100644
--- a/setup/setuputils.class.inc.php
+++ b/setup/setuputils.class.inc.php
@@ -566,7 +566,7 @@ class SetupUtils
 					"$sGraphvizPath could not be executed: Please make sure it is installed and in the path");
 			}
 
-			if (!utils::IsWindows()){
+			if (!utils::IsWindowsEnvironment()){
 				$sGraphvizPath = escapeshellcmd($sGraphvizPath);
 			}
 		}