From 5dffd8873748a4ea28aad027baaab10cc50ec0cf Mon Sep 17 00:00:00 2001 From: epriestley Date: Mon, 23 Jun 2014 15:28:52 -0700 Subject: [PATCH] Fix validation of SSH keys with spaces in the comment field Summary: Fixes T5449. Keys are in the form ` `, where comments are optional and can have spaces. Test Plan: Tried these invalid keys: - Empty. - One part. - Invalid type. Tried these valid keys: - No comment. - Normal comment. - Comment with spaces. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T5449 Differential Revision: https://secure.phabricator.com/D9701 --- .../panel/PhabricatorSettingsPanelSSHKeys.php | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php b/src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php index bfa7c3a07a..ae0af29505 100644 --- a/src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php +++ b/src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php @@ -379,22 +379,29 @@ final class PhabricatorSettingsPanelSSHKeys private static function parsePublicKey($entire_key) { $parts = str_replace("\n", '', trim($entire_key)); - $parts = preg_split('/\s+/', $parts); - if (count($parts) == 2) { - $parts[] = ''; // Add an empty comment part. - } else if (count($parts) == 3) { - // This is the expected case. - } else { - if (preg_match('/private\s*key/i', $entire_key)) { - // Try to give the user a better error message if it looks like - // they uploaded a private key. - throw new Exception( - pht('Provide your public key, not your private key!')); - } else { + // The third field (the comment) can have spaces in it, so split this + // into a maximum of three parts. + $parts = preg_split('/\s+/', $parts, 3); + + if (preg_match('/private\s*key/i', $entire_key)) { + // Try to give the user a better error message if it looks like + // they uploaded a private key. + throw new Exception( + pht('Provide your public key, not your private key!')); + } + + switch (count($parts)) { + case 1: throw new Exception( pht('Provided public key is not properly formatted.')); - } + case 2: + // Add an empty comment part. + $parts[] = ''; + break; + case 3: + // This is the expected case. + break; } list($type, $body, $comment) = $parts;