aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Joey Hess <joey@kitenet.net>2013-11-02 14:00:05 -0400
committerGravatar Joey Hess <joey@kitenet.net>2013-11-02 14:44:10 -0400
commit15b4cd87363a872d0d165fa1c02c48a8cb63cccf (patch)
treef3a18ab69f857ccec0d69c9dfd11cc6d8a117fd1
parentce2d2b7669cc88d57bff364790c1fc6290e0986e (diff)
better control character sanity check
The msg contains a haskell-escaped string, so control characters in it can also be escaped. So this didn't work before, really. Got rid of the \n check, because current pairing messages actually do contain a \n, after the ssh public key. Don't want to break back-compatability.
-rw-r--r--Assistant/Threads/PairListener.hs8
1 files changed, 4 insertions, 4 deletions
diff --git a/Assistant/Threads/PairListener.hs b/Assistant/Threads/PairListener.hs
index 482b0923c..0d3be4660 100644
--- a/Assistant/Threads/PairListener.hs
+++ b/Assistant/Threads/PairListener.hs
@@ -16,6 +16,7 @@ import Assistant.WebApp.Types
import Assistant.Alert
import Assistant.DaemonStatus
import Utility.ThreadScheduler
+import Utility.Format
import Git
import Network.Multicast
@@ -45,8 +46,8 @@ pairListenerThread urlrenderer = namedThread "PairListener" $ do
case (wrongstage, sane, pairMsgStage m) of
-- ignore our own messages, and
-- out of order messages
- (True, _, _) -> go reqs cache sock
(_, False, _) -> go reqs cache sock
+ (True, _, _) -> go reqs cache sock
(_, _, PairReq) -> if m `elem` reqs
then go reqs (invalidateCache m cache) sock
else do
@@ -75,11 +76,10 @@ pairListenerThread urlrenderer = namedThread "PairListener" $ do
verified = verifiedPairMsg m pip
sameuuid = pairUUID (inProgressPairData pip) == pairUUID (pairMsgData m)
- {- Various sanity checks on the content of the message. -}
- checkSane msg
+ checkSane msg
{- Control characters could be used in a
- console poisoning attack. -}
- | any isControl msg || any (`elem` "\r\n") msg = do
+ | any isControl (filter (/= '\n') (decode_c msg)) = do
liftAnnex $ warning
"illegal control characters in pairing message; ignoring"
return False