phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch

diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php
--- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php      2022-11-18 14:43:19.940000000 -0500
+++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php  2022-12-14 16:49:46.524000000 -0500
@@ -16,13 +16,16 @@
 #
 include('./config.php');
 include(STORE_DIR.'/config/config.php');
-
-$serial = escapeshellcmd(trim($_SERVER['QUERY_STRING']));
+$serial=trim($_SERVER['QUERY_STRING']);
+if ( ! is_numeric($serial) ) {
+    # if it is not a numerical serial, then it is not revoked!
+    print '0';
+    exit;
+}
+$serial = escapeshellcmd($serial);
 #header("Content-type: application/x-netscape-revocation");
 
-# old Reg Ex doesnt work, new should do the work
-#$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
-$regexp = "^R.*$serial.*$";
+$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
 $configIndex = $config['index'];
 
 if (exec("egrep '$regexp' '$configIndex'")) {
1	diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php
2	--- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php 2022-11-18 14:43:19.940000000 -0500
3	+++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php 2022-12-14 16:49:46.524000000 -0500
4	@@ -16,13 +16,16 @@
5	#
6	include('./config.php');
7	include(STORE_DIR.'/config/config.php');
8	-
9	-$serial = escapeshellcmd(trim($_SERVER['QUERY_STRING']));
10	+$serial=trim($_SERVER['QUERY_STRING']);
11	+if ( ! is_numeric($serial) ) {
12	+ # if it is not a numerical serial, then it is not revoked!
13	+ print '0';
14	+ exit;
15	+}
16	+$serial = escapeshellcmd($serial);
17	#header("Content-type: application/x-netscape-revocation");
18
19	-# old Reg Ex doesnt work, new should do the work
20	-#$regexp = "^R\t.\t.\t$serial\t.\t.$";
21	-$regexp = "^R.$serial.$";
22	+$regexp = "^R\t.\t.\t$serial\t.\t.$";
23	$configIndex = $config['index'];
24
25	if (exec("egrep '$regexp' '$configIndex'")) {