recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fix validation of SSH keys with spaces in the comment field

Summary: Fixes T5449. Keys are in the form `<type> <key> <comments>`, where comments are optional and can have spaces.

Test Plan:
Tried these invalid keys:

- Empty.
- One part.
- Invalid type.

Tried these valid keys:

- No comment.
- Normal comment.
- Comment with spaces.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5449

Differential Revision: https://secure.phabricator.com/D9701

epriestley 5dffd887 dd91732d

+20 -13
+20 -13
src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php
··· 379 379 380 380 private static function parsePublicKey($entire_key) { 381 381 $parts = str_replace("\n", '', trim($entire_key)); 382 - $parts = preg_split('/\s+/', $parts); 382 + 383 + // The third field (the comment) can have spaces in it, so split this 384 + // into a maximum of three parts. 385 + $parts = preg_split('/\s+/', $parts, 3); 386 + 387 + if (preg_match('/private\s*key/i', $entire_key)) { 388 + // Try to give the user a better error message if it looks like 389 + // they uploaded a private key. 390 + throw new Exception( 391 + pht('Provide your public key, not your private key!')); 392 + } 383 393 384 - if (count($parts) == 2) { 385 - $parts[] = ''; // Add an empty comment part. 386 - } else if (count($parts) == 3) { 387 - // This is the expected case. 388 - } else { 389 - if (preg_match('/private\s*key/i', $entire_key)) { 390 - // Try to give the user a better error message if it looks like 391 - // they uploaded a private key. 392 - throw new Exception( 393 - pht('Provide your public key, not your private key!')); 394 - } else { 394 + switch (count($parts)) { 395 + case 1: 395 396 throw new Exception( 396 397 pht('Provided public key is not properly formatted.')); 397 - } 398 + case 2: 399 + // Add an empty comment part. 400 + $parts[] = ''; 401 + break; 402 + case 3: 403 + // This is the expected case. 404 + break; 398 405 } 399 406 400 407 list($type, $body, $comment) = $parts;