From 699687f503c63541a6e28501fa5f523b89c1915b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 4 May 2017 18:51:36 -0400 Subject: sanitize gpg output and chat messages Just in case, only allow printable characters in this, not control characters. --- ControlWindow.hs | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'ControlWindow.hs') diff --git a/ControlWindow.hs b/ControlWindow.hs index c921fbb..99fd4d3 100644 --- a/ControlWindow.hs +++ b/ControlWindow.hs @@ -15,6 +15,7 @@ import ControlSocket import VirtualTerminal import Gpg import Gpg.Wot +import Output import System.IO import System.Environment @@ -24,8 +25,7 @@ import Control.Exception import Control.Concurrent.Async import Control.Concurrent.STM import Control.Concurrent.STM.TMChan -import qualified Data.ByteString as B -import Data.ByteString.UTF8 (fromString) +import Data.ByteString.UTF8 (fromString, toString) import Data.Char import Control.Monad import Data.Monoid @@ -128,7 +128,8 @@ displayInput ochan ichan promptchan responsechan = loop displayChatMessage :: ControlAction -> IO () displayChatMessage (ChatMessage username msg) = do - B.putStr $ "<" <> val username <> "> " <> val msg <> "\n" + putStrLn $ sanitizeForDisplay $ toString $ + "<" <> val username <> "> " <> val msg hFlush stdout displayChatMessage _ = return () @@ -138,7 +139,8 @@ askToAllow ochan _ _ (UnSigned pk) = atomically $ writeTMChan ochan $ askToAllow ochan promptchan responsechan k@(GpgSigned pk _ _) = do putStrLn "Someone wants to connect to this debug-me session." putStrLn "Checking their GnuPG signature ..." - v <- gpgVerify k + (v, gpgoutput) <- gpgVerify k + putStr $ unlines $ map sanitizeForDisplay $ lines $ toString gpgoutput case v of Nothing -> do putStrLn "Unable to download their GnuPG key, or signature verification failed." @@ -147,7 +149,8 @@ askToAllow ochan promptchan responsechan k@(GpgSigned pk _ _) = do putStrLn "Checking the GnuPG web of trust ..." ss <- isInStrongSet gpgkeyid ws <- downloadWotStats gpgkeyid - putStrLn $ describeWot ws ss + putStrLn $ unlines $ map sanitizeForDisplay $ + describeWot ws ss promptconnect where promptconnect :: IO () -- cgit v1.2.3