Unsignedio
/
python-gnupg
mirror of https://github.com/markqvist/python-gnupg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update documentation for function _sanitise().

feature/documentation-builds-dirhtml
Isis Lovecruft 2013-03-06 15:37:27 +00:00
parent abab2c53f2
commit 6f4c7f757d
No known key found for this signature in database
GPG Key ID: A3ADB67A2CDB8B35
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
gnupg.py
View File

@ -765,6 +765,16 @@ def _is_allowed(input):
def _sanitise(*args, **kwargs):
"""
Take an arg or the key portion of a kwarg and check that it is in the set
of allowed GPG options and flags, and that it has the correct type. Then,
attempt to escape any unsafe characters. If an option is not allowed,
drop it with a logged warning. Returns a dictionary of all sanitised,
allowed options.
Each new option that we support that is not a boolean, but instead has
some extra inputs, i.e. "--encrypt-file foo.txt", will need some basic
safety checks added here.
GnuPG has three-hundred and eighteen commandline flags. Also, not all
implementations of OpenPGP parse PGP packets and headers in the same way,
so there is added potential there for messing with calls to GPG.