acme client: fix #3536 untaint data returned from acme server

[proxmox-acme.git] / src / PVE / ACME.pm

diff --git a/src/PVE/ACME.pm b/src/PVE/ACME.pm
index c5b8d669f8b1496e1c451cb4d0ff264c519ec97e..265482d8bc6434b2db94d1025ccd204cd487abfc 100644 (file)
--- a/src/PVE/ACME.pm
+++ b/src/PVE/ACME.pm
@@ -69,7 +69,9 @@ sub tojs($;%) { # shortcut for to_json with utf8=>1
 }
 
 sub fromjs($) {
-    return from_json($_[0]);
+    my ($data) = @_;
+    ($data) = ($data =~ /^(.*)$/s); # untaint from_json croaks on error anyways.
+    return from_json($data);
 }
 
 sub fatal($$;$$) {
@@ -449,7 +451,13 @@ sub get_certificate {
        if !$order->{certificate};
 
     my $r = $self->do(POST => $order->{certificate}, '');
-    my $return = eval { __get_result($r, 200, 1); };
+    my $return = eval {
+       my $res = __get_result($r, 200, 1);
+       if ($res =~ /^(-----BEGIN CERTIFICATE-----)(.+)(-----END CERTIFICATE-----)$/s) { # untaint
+           return $1 . $2 . $3;
+       }
+       die "Server reply does not look like a PEM encoded certificate\n";
+    };
     $self->fatal("POST of '$order->{certificate}' failed - $@", $r) if $@;
     return $return;
 }