From 99950e6518b4acbebd72d90f3358478d16ea8865 Mon Sep 17 00:00:00 2001
From: "Kay Marquardt (Gnadelwartz)" <kay@rrr.de>
Date: Wed, 17 Mar 2021 19:46:31 +0100
Subject: [PATCH] modules: jsshDB: fix removal of unwanted characters from
 untrusted input

---
 modules/jsonDB.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/jsonDB.sh b/modules/jsonDB.sh
index 9c2d4be..6b7501e 100644
--- a/modules/jsonDB.sh
+++ b/modules/jsonDB.sh
@@ -5,7 +5,7 @@
 # This file is public domain in the USA and all free countries.
 # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying)
 #
-#### $$VERSION$$ v1.5-0-g8adca9b
+#### $$VERSION$$ v1.51-dev-0-g369124b
 #
 # source from commands.sh to use jsonDB functions
 #
@@ -358,7 +358,7 @@ Json2Array() {
 	# 		match ["....."]\t and replace \t with = and print     delete `	quote true false            escape not escaped $
 	# shellcheck disable=SC1091,SC1090
 	[ -z "$1" ] || source <( printf "$1"'=( %s )'\
-		 "$(sed -E -n -e '/\["[-0-9a-zA-Z_,."]+"\]\+*\t/ s/\t/=/p' -e 's/[`´]//g' -e 's/=(true|false)/="\1"/' -e 's/([^\]|^)\$/\1\\$/g')" )
+		 "$(sed -E -n -e 's/[`´]//g' -e 's/\]\t(true|false)/="\1"/' -e 's/([^\]|^)\$/\1\\$/g' -e '/\["[-0-9a-zA-Z_,."]+"\]\+*\t/ s/\t/=/p')" )
 }
 # get Config Key from jssh file without jsshDB
 # output ARRAY as JSON.sh style data