From 699687f503c63541a6e28501fa5f523b89c1915b Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Thu, 4 May 2017 18:51:36 -0400
Subject: sanitize gpg output and chat messages

Just in case, only allow printable characters in this, not control
characters.
---
 Verify.hs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'Verify.hs')

diff --git a/Verify.hs b/Verify.hs
index b2f3805..63e81f6 100644
--- a/Verify.hs
+++ b/Verify.hs
@@ -12,9 +12,11 @@ import Crypto
 import Gpg
 import Hash
 import PrevActivity
+import Output
 
 import Control.Concurrent.STM
 import Data.Maybe
+import Data.ByteString.UTF8 (toString)
 
 verify :: VerifyOpts -> IO ()
 verify opts = go 1 startState =<< streamLog (verifyLogFile opts)
@@ -66,7 +68,8 @@ mkRecentActivity st = return (sigVerifier st, prevHashes st)
 
 addSessionKey :: Integer -> PerhapsSigned PublicKey -> State -> IO State
 addSessionKey lineno p@(GpgSigned pk _ _) st = do
-	mkid <- gpgVerify p
+	(mkid, gpgoutput) <- gpgVerify p
+	putStr $ unlines $ map sanitizeForDisplay $ lines $ toString gpgoutput
 	case mkid of
 		Nothing -> lineError lineno "Bad GnuPG signature."
 		Just _ -> do
-- 
cgit v1.2.3