Regex hardening to fix CVE-2018-12356.

This commit is contained in:
PenTesting 2018-06-18 08:07:41 +03:00 committed by GitHub
parent a407c10b02
commit 4a1bf7bb51
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -26,7 +26,7 @@ if ! $VALID; then
exit 1
fi
if $VALID && $REVSIG; then
echo "$INPUT" | gpg --trust-model always "$@" | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
echo "$INPUT" | gpg --trust-model always "$@" | grep "^\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
echo "$GOODREVSIG"
else
echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null