https://bugs.koozali.org/show_bug.cgi?id=12274
Bug ID: 12274
Summary: string regex
Classification: Contribs
Product: SME Contribs
Version: 10.0
Hardware: ---
OS: ---
Status: CONFIRMED
Severity: normal
Priority: P3
Component: phpki-ng
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Target Milestone: ---
Review the change in ns_revoke_query.php:
#header("Content-type: application/x-netscape-revocation");
# old Reg Ex doesn't work, new should do the work
#$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
$regexp = "^R.*$serial.*$";
One should limit the search to the serial only, not to any string in the line, or it
will lead to false results:
V 271214045049Z 100001 unknown /C=CA/ST=Quebec/L=r/O=r/O=c21f969b5f03d33d43e04f8f136e7682/OU=r/CN=jppialasse/[email protected]
R 271214095559Z 221214100755Z 100002 unknown /C=CA/ST=Quebec/L=r/O=r/O=c21f969b5f03d33d43e04f8f136e7682/OU=r/CN=toot/[email protected]
V 241214100945Z 100003 unknown /C=CA/ST=Quebec/L=r/O=r/O=c21f969b5f03d33d43e04f8f136e7682/OU=r/CN=toot/[email protected]
Revoked lines have one more field; this could make one think the regex was wrong.
Also, the line $serial = escapeshellcmd(trim($_SERVER['QUERY_STRING']));
is wrong:
https://stackoverflow.com/questions/1881582/whats-the-difference-between-escapeshellarg-and-escapeshellcmd
We know the string should be numeric, like 100001, so regex it and, if it is wrong,
reject it.
escapeshellcmd is not appropriate for escaping a single argument; see
https://www.php.net/manual/en/function.escapeshellcmd.php
Or we could just rely on is_numeric, where letting 1337.0 be accepted would not be
a huge risk.
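Added example, not code from phpki-ng or from the reporter: a PHP sketch of what the report asks for, namely allow-listing the serial from the query string instead of shell-escaping it, and then comparing it against the serial column of an OpenSSL index.txt rather than substring-matching the whole line. The sample index content is constructed from the three entries above (subjects shortened), the function names are assumptions, and the hex allow-list is an assumption that is slightly wider than the purely numeric check the report suggests. The substring regex from the report is reproduced (with preg_quote added) only to show the false positive it produces.

```php
<?php
// Added example, not code from phpki-ng: validate the serial that
// ns_revoke_query.php takes from the query string, then compare it with the
// serial column of an OpenSSL index.txt instead of grepping for it anywhere
// on the line.

// Constructed sample in index.txt layout, built from the three entries in the
// report. Fields are tab-separated: status, expiry, revocation date (empty
// unless the status is R), serial, filename, subject.
const SAMPLE_INDEX =
    "V\t271214045049Z\t\t100001\tunknown\t/C=CA/ST=Quebec/O=r/CN=jppialasse\n" .
    "R\t271214095559Z\t221214100755Z\t100002\tunknown\t/C=CA/ST=Quebec/O=r/CN=toot\n" .
    "V\t241214100945Z\t\t100003\tunknown\t/C=CA/ST=Quebec/O=r/CN=toot\n";

// Allow-list the serial instead of escaping it. OpenSSL writes serials as
// uppercase hex, so hex digits are accepted here (assumption; the report
// suggests a purely numeric check, which is stricter and also fine for
// serials like 100001). Returns the normalised serial, or null to reject.
function validate_serial(string $raw): ?string
{
    $s = strtoupper(trim($raw));
    return preg_match('/^[0-9A-F]{1,40}$/', $s) === 1 ? $s : null;
}

// Field-based lookup: only an R line whose fourth field equals $serial counts.
function is_revoked(string $index, string $serial): bool
{
    foreach (explode("\n", $index) as $line) {
        $f = explode("\t", $line);
        if (count($f) >= 4 && $f[0] === 'R' && $f[3] === $serial) {
            return true;
        }
    }
    return false;
}

// The substring regex from the report, for comparison (preg_quote added so
// the comparison is only about substring matching). It matches whenever the
// serial occurs anywhere on an R line, e.g. inside the revocation timestamp.
function loose_match(string $index, string $serial): bool
{
    return preg_match('/^R.*' . preg_quote($serial, '/') . '.*$/m', $index) === 1;
}

// Demonstration: '221214' is not a serial in the index but is a substring of
// the revocation date on the R line, so the substring regex reports it as
// revoked while the field comparison does not; '100002;ls' is rejected
// outright instead of being "escaped".
foreach (['100002', '100001', '221214', '100002;ls', ' 100003 '] as $input) {
    $serial = validate_serial($input);
    if ($serial === null) {
        printf("%-12s rejected\n", var_export($input, true));
        continue;
    }
    printf("%-12s field match: %-11s substring match: %s\n",
        $serial,
        is_revoked(SAMPLE_INDEX, $serial) ? 'revoked' : 'not revoked',
        loose_match(SAMPLE_INDEX, $serial) ? 'revoked' : 'not revoked');
}
```

Run it with php on the command line; with the sample index, only 100002 is revoked under both checks, 221214 shows the false positive of the substring regex, and the inputs that are not a plain serial never reach the lookup at all.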
Mail for each SME Contribs bug report
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/