From a904c183dfc2de7a503466f5ff39d1af3a4d1aca Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sat, 4 May 2019 18:25:11 +0200
Subject: [PATCH] Use printf to escape domain content. This prevents possible
 SQL injection issues

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/query.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh
index d4de380c..d2e16e79 100755
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -104,7 +104,7 @@ fi
 
 scanDatabaseTable() {
     local domain table type querystr result table_prev
-    domain="${1}"
+    domain="$(printf "%q" "${1}")"
     table="${2}"
     type="${3:-}"