From 6aef41c10871bbda28f4f56c175057e7b2167e20 Mon Sep 17 00:00:00 2001
From: Rodrigo Polo <rodrigo.polo@gmail.com>
Date: Thu, 1 Apr 2021 05:33:49 -0600
Subject: [PATCH] V2.0.1, to avoid an absurd Command Injection

---
 main.js      | 6 ++++++
 package.json | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/main.js b/main.js
index bb8df95..47ab603 100644
--- a/main.js
+++ b/main.js
@@ -418,6 +418,12 @@ function plotScript(input, cb, op){
 	}
 
 	extend(options, op);
+
+	// To prevent almost imposible Command Injection
+	if(options.terminal != 'windows' && options.terminal != 'x11'){
+		options.terminal = defterminal;
+	}
+
 	var script_str='';
 
 	getFrames(input, options.progress, function(err, data){
diff --git a/package.json b/package.json
index 2495513..c633258 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,7 @@
     "gnuplot",
     "bitrate"
   ],
-  "version": "2.0.0",
+  "version": "2.0.1",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/rodrigopolo/plotframes.git"