Diffusion GnuPG ccf3ba92087e

g10: Fix regexp sanitization.
ccf3ba92087e
Actions

Tags

None

Subscribers

None

Description

g10: Fix regexp sanitization.

* g10/trustdb.c (sanitize_regexp): Only escape operators.

To sanitize a regular expression, quoting by backslash should be only
done for defined characters. POSIX defines 12 characters including
dot and backslash.

Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library. Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.

GnuPG-bug-id: T2923
Co-authored-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance

Authored on Nov 9 2017, 6:03 AM

Parents

rG68284e150949: doc: Include NEWS from the 2.2.2 release

Branches

Unknown

Tags

Unknown

Tasks

T2923: trust signature domain restrictions don't work

Event Timeline

• gniibe added a task: T2923: trust signature domain restrictions don't work.Nov 9 2017, 7:39 AM

• gniibe committed rGccf3ba92087e: g10: Fix regexp sanitization. (authored by • gniibe).Nov 9 2017, 6:03 AM

• gniibe mentioned this in T2923: trust signature domain restrictions don't work.Nov 9 2017, 7:43 AM

• gniibe mentioned this in rG9ba0e2c76c0c: g10: Fix regexp sanitization..Dec 4 2017, 11:55 AM

• gniibe mentioned this in rG9441946e1824: g10: Fix regexp sanitization..

• gniibe mentioned this in rG0d0b9eb0d4f9: g10: Fix regexp sanitization..

Changes (1)

Path

Size

g10/

rGccf3ba92087e

g10/trustdb.c

Loading...