Log injection possible via incorrect RPC calls

[practicalswift]

Issue and Steps to Reproduce

In terminal 1:

$ lightningd/lightningd
2018-02-07T14:22:25.698Z lightningd(13329): Server started with public key …, alias … (color #…) and lightningd v0.5.2-…

In terminal 2:

$ cli/lightning-cli foo "$(clear; echo "I've now taken over your log. Sorry about that."; \
      echo " "; echo " ")"
lightning-cli: reading response: Success

Back in terminal 1:

[screen cleared]
I've now taken over your log. Sorry about that.

 "] }'

[practicalswift]

I was able to reproduce the issue also for valid RPC commands with invalid RPC arguments:

$ cli/lightning-cli decodepay "$(clear)"

[cdecker]

I don't fully understand how this happens, we're just printing to a terminal after all. I would expect the example you give to clear the caller's terminal not the callee's terminal

[cdecker]

Oh, I see, it's printing control characters, but things still get executed on the client side. Should probably sanitize this.

[practicalswift]

@cdecker Yes, the problem is that the control characters get printed unsanitized :-)

[practicalswift]

Confirming that the fix resolved this issue. Thanks for fixing!