Escape all reason for revocation messages.
- This is attacker controlled data which must be sanitizied.
This commit is contained in:
parent
13aa81300a
commit
3692280101
@ -44,6 +44,7 @@ use crate::cli::types::FileOrStdout;
|
||||
use crate::commands::packet::dump::PacketDumper;
|
||||
use crate::common::NULL_POLICY;
|
||||
use crate::common::PreferredUserID;
|
||||
use crate::common::ui;
|
||||
|
||||
/// Width of the largest key of any key, value pair we emit.
|
||||
const WIDTH: usize = 17;
|
||||
@ -570,7 +571,7 @@ fn print_reasons(output: &mut dyn io::Write,
|
||||
}
|
||||
if let Some(msg) = message {
|
||||
writeln!(output, "{:>WIDTH$} Message: {}", "",
|
||||
String::from_utf8_lossy(msg))?;
|
||||
ui::Safe(msg))?;
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
|
@ -26,6 +26,7 @@ use crate::Time;
|
||||
use crate::cli::types::cert_designator;
|
||||
use crate::cli;
|
||||
use crate::common::NULL_POLICY;
|
||||
use crate::common::ui;
|
||||
|
||||
/// Keys may either be grouped into a certificate or be bare.
|
||||
///
|
||||
@ -157,8 +158,7 @@ fn key_validity(sq: &Sq, cert: &Cert, key: Option<&Fingerprint>) -> Vec<String>
|
||||
reason_ = reason.to_string();
|
||||
if ! message.is_empty() {
|
||||
reason_.push_str(": ");
|
||||
reason_.push_str(&format!(
|
||||
"{:?}", String::from_utf8_lossy(message)));
|
||||
reason_.push_str(&ui::Safe(message).to_string());
|
||||
}
|
||||
&reason_
|
||||
} else {
|
||||
|
@ -56,6 +56,7 @@ use crate::{
|
||||
FileOrStdout,
|
||||
active_certification,
|
||||
},
|
||||
common::ui,
|
||||
output::{
|
||||
import::ImportStats,
|
||||
pluralize::Pluralize,
|
||||
@ -834,7 +835,7 @@ impl Response {
|
||||
{
|
||||
qprintln!(initial_indent = " - ",
|
||||
"revoked: {}, {}", reason,
|
||||
String::from_utf8_lossy(message));
|
||||
ui::Safe(message));
|
||||
} else {
|
||||
qprintln!(initial_indent = " - ",
|
||||
"revoked");
|
||||
@ -847,7 +848,7 @@ impl Response {
|
||||
{
|
||||
qprintln!(initial_indent = " - ",
|
||||
"possibly revoked: {}, {}", reason,
|
||||
String::from_utf8_lossy(message));
|
||||
ui::Safe(message));
|
||||
} else {
|
||||
qprintln!(initial_indent = " - ",
|
||||
"possibly revoked");
|
||||
|
@ -22,6 +22,7 @@ use self::openpgp::parse::{
|
||||
|
||||
use crate::Convert;
|
||||
use crate::cli::types::SessionKey;
|
||||
use crate::common::ui;
|
||||
use crate::Sq;
|
||||
|
||||
#[derive(Debug)]
|
||||
@ -909,9 +910,9 @@ impl<'a, 'b, 'c> PacketDumper<'a, 'b, 'c> {
|
||||
write!(output, "{} Signer's User ID: {}", i,
|
||||
String::from_utf8_lossy(u))?,
|
||||
ReasonForRevocation{code, ref reason} => {
|
||||
let reason = String::from_utf8_lossy(reason);
|
||||
write!(output, "{} Reason for revocation: {}{}{}", i, code,
|
||||
if reason.len() > 0 { ", " } else { "" }, reason)?
|
||||
if reason.len() > 0 { ", " } else { "" },
|
||||
ui::Safe(reason))?
|
||||
}
|
||||
Features(ref f) =>
|
||||
write!(output, "{} Features: {:?}", i, f)?,
|
||||
|
@ -16,7 +16,10 @@ use cli::types::userid_designator;
|
||||
use super::output::ConciseHumanReadableOutputNetwork;
|
||||
use super::output::OutputType;
|
||||
|
||||
use crate::Sq;
|
||||
use crate::{
|
||||
Sq,
|
||||
common::ui,
|
||||
};
|
||||
|
||||
const TRACE: bool = false;
|
||||
|
||||
@ -364,12 +367,7 @@ pub fn authenticate<'store, 'rstore>(
|
||||
weprintln!("Warning: {} is revoked: {}{}",
|
||||
cert.fingerprint(),
|
||||
reason,
|
||||
if message.is_empty() {
|
||||
"".to_string()
|
||||
} else {
|
||||
format!(": {:?}",
|
||||
String::from_utf8_lossy(message))
|
||||
});
|
||||
ui::Safe(message));
|
||||
} else {
|
||||
weprintln!("Warning: {} is revoked: unspecified reason",
|
||||
cert.fingerprint());
|
||||
|
@ -27,6 +27,7 @@ use crate::Convert;
|
||||
use crate::Sq;
|
||||
use crate::Time;
|
||||
use crate::common::ca_creation_time;
|
||||
use crate::common::ui;
|
||||
use crate::error_chain;
|
||||
use crate::output::wrapping::NBSP;
|
||||
use super::OutputType;
|
||||
@ -305,8 +306,7 @@ impl OutputType for ConciseHumanReadableOutputNetwork<'_, '_, '_> {
|
||||
reason_ = reason.to_string();
|
||||
if ! message.is_empty() {
|
||||
reason_.push_str(": ");
|
||||
reason_.push_str(&format!(
|
||||
"{:?}", String::from_utf8_lossy(message)));
|
||||
reason_.push_str(&ui::Safe(message).to_string());
|
||||
}
|
||||
&reason_
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user