From: joey <>
Date: Thu, 18 Nov 2004 13:23:05 +0000 (+0000)
Subject: Update from samosa: Ensure only a valid fingerprint is passed as input
X-Git-Tag: release-0.3.33~93
X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap-cgi.git;a=commitdiff_plain;h=17f6707119028c14472f67464cf1e97a47381a7e

Update from samosa: Ensure only a valid fingerprint is passed as input
---

diff --git a/fetchkey.cgi b/fetchkey.cgi
index 11257c5..d2d5881 100755
--- a/fetchkey.cgi
+++ b/fetchkey.cgi
@@ -1,6 +1,6 @@
 #!/usr/bin/perl -wT
 
-# $Id: fetchkey.cgi,v 1.3 2004/11/18 14:22:04 joey Exp $
+# $Id: fetchkey.cgi,v 1.4 2004/11/18 14:23:05 joey Exp $
 # (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
 
 use lib '.';
@@ -19,6 +19,8 @@ my $query = new CGI;
 print "Content-type: text/plain\n\n";
 
 my $fp = $query->param('fingerprint');
+$fp =~ /^([A-Fa-f0-9]+)$/;
+$fp = $1;
 
 if ($fp) {
   my $key = &Util::FetchKey($fp, 0);