lxc-* tools are vulnerable for arguments with spaces

src/lxc/lxc-ls.in

@@ -18,7 +18,7 @@ function get_cgroup()
 	fi
 }
 
-ls $* $lxcpath
+ls "$@" $lxcpath
 
 active=$(netstat -xa | grep $lxcpath | \
 	sed -e 's#.*'"$lxcpath/"'\(.*\)/command#\1#');
@@ -26,6 +26,6 @@ active=$(netstat -xa | grep $lxcpath | \
 if test -n "$active"; then
 	get_cgroup
 	if test -n "$mount_point"; then
-		cd $mount_point; ls $* -d $active
+		cd $mount_point; ls "$@" -d $active
 	fi
 fi

src/lxc/lxc-netstat.in

@@ -25,7 +25,7 @@ if [ $# -eq  0 ]; then
 	exit 1
 fi
 
-for i in $*; do
+for i in "$@"; do
 	case $i in
 		-h|--help)
 			help; exit 1;;
@@ -37,7 +37,7 @@ for i in $*; do
 done
 
 if [ -z "$exec" ]; then
-    exec @BINDIR@/lxc-unshare -s MOUNT -- $0 -n $name --exec $*
+    exec @BINDIR@/lxc-unshare -s MOUNT -- $0 -n $name --exec "$@"
 fi
 
 if [ -z "$name" ]; then
@@ -72,4 +72,4 @@ if [ -z "$pid" ]; then
 fi
 
 mount --bind /proc/$pid/net /proc/$$/net && \
-    exec netstat $*
+    exec netstat "$@"

src/lxc/lxc-setcap.in

@@ -83,9 +83,9 @@ if [ $? != 0 ]; then
     exit 1
 fi
 
-set -- $(getopt dh $*)
+set -- $(getopt dh "$@")
 
-for i in $*; do
+for i in "$@"; do
     case "$1" in
 	-d)
 	    LXC_DROP_CAPS="yes"

src/lxc/lxc-setuid.in

@@ -81,9 +81,9 @@ if [ $? != 0 ]; then
     exit 1
 fi
 
-set -- $(getopt dh $*)
+set -- $(getopt dh "$@")
 
-for i in $*; do
+for i in "$@"; do
     case "$1" in
 	-d)
 	    LXC_DROP_CAPS="yes"
@@ -108,4 +108,4 @@ if [ -z "$LXC_DROP_CAPS" ]; then
     lxc_setuid
 else
     lxc_dropuid
-fi
+fi
\ No newline at end of file