Skip to content

Commit

Permalink
[plugins] make pem certificate regexp stricter
Browse files Browse the repository at this point in the history 
This allow to apply do_*_private_sub() without fearing false positive.
Going through RFCs, PEM and OpenPGP use `-----BEGIN`, and only RFC4716
has a sligtly different syntax `---- BEGIN SSH2 PUBLIC KEY ----`.

Signed-off-by: Etienne Champetier <[email protected]>
  • Loading branch information
@champtar @arif-ali
champtar authored and arif-ali committed Jun 13, 2024
1 parent f9f52dc commit 21527d7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion sos/report/plugins/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ def _node_type(st):
return ''


_certmatch = re.compile("-*BEGIN.*?-*END", re.DOTALL)
_certmatch = re.compile("----(?:-| )BEGIN.*?----(?:-| )END", re.DOTALL)
_cert_replace = "-----SCRUBBED"


Expand Down

0 comments on commit 21527d7

Please sign in to comment.