Merge pull request #161 from PenTesting/patch-1
Regex hardening to fix CVE-2018-12356.
This commit is contained in:
commit
047abede75
1 changed files with 1 additions and 1 deletions
|
@ -26,7 +26,7 @@ if ! $VALID; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
if $VALID && $REVSIG; then
|
if $VALID && $REVSIG; then
|
||||||
echo "$INPUT" | gpg --trust-model always "$@" | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
|
echo "$INPUT" | gpg --trust-model always "$@" | grep "^\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
|
||||||
echo "$GOODREVSIG"
|
echo "$GOODREVSIG"
|
||||||
else
|
else
|
||||||
echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null
|
echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null
|
||||||
|
|
Loading…
Reference in a new issue