git: 09d068e52722 - main - nuageinit: fix shell injection in power_state_change delay and add test

The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=09d068e52722dee0ed65eb88c5ea5bff4bb2ba06

commit 09d068e52722dee0ed65eb88c5ea5bff4bb2ba06
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2026-06-09 14:19:56 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2026-06-09 16:04:25 +0000

    nuageinit: fix shell injection in power_state_change delay and add test
---
 libexec/nuageinit/nuageinit          | 2 +-
 libexec/nuageinit/tests/nuageinit.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit
index 6e900e01df4e..8ca1a2c558c8 100755
--- a/libexec/nuageinit/nuageinit
+++ b/libexec/nuageinit/nuageinit
@@ -748,7 +748,7 @@ local function power_state_change(obj)
 	end
 
 	-- Build shutdown command
-	local cmd = "shutdown -" .. flag .. " " .. delay
+	local cmd = "shutdown -" .. flag .. " " .. nuage.shell_escape(delay)
 	if message then
 		cmd = cmd .. " " .. nuage.shell_escape(message)
 	end
diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh
index ce574a350ecc..ab9e697076e1 100644
--- a/libexec/nuageinit/tests/nuageinit.sh
+++ b/libexec/nuageinit/tests/nuageinit.sh
@@ -1332,7 +1332,7 @@ power_state:
   timeout: 30
   condition: true
 EOF
-	atf_check -o inline:"shutdown -r +5 'Rebooting after configuration is complete'\n" \
+	atf_check -o inline:"shutdown -r '+5' 'Rebooting after configuration is complete'\n" \
 	    /usr/libexec/nuageinit "${PWD}"/media/nuageinit postnet
 	true
 }