Insert the end-of-options marker before operation arguments.

thomas-chauchefoin-sonarsource · alecpl · commit 74c8f989cefb · 2022-02-10T08:50:44.000+01:00
This marker stops the parsing of additional options during external
calls to GPG. This behavior is unintended but its security impact is
dependent on the environment and the GPG version in use.
diff --git a/Crypt/GPG.php b/Crypt/GPG.php
@@ -427,7 +427,7 @@ public function deletePublicKey($keyId)
             );
         }
 
-        $operation = '--delete-key ' . escapeshellarg($fingerprint);
+        $operation = '--delete-key -- ' . escapeshellarg($fingerprint);
         $arguments = array(
             '--batch',
             '--yes'
@@ -474,7 +474,7 @@ public function deletePrivateKey($keyId)
             );
         }
 
-        $operation = '--delete-secret-key ' . escapeshellarg($fingerprint);
+        $operation = '--delete-secret-key -- ' . escapeshellarg($fingerprint);
         $arguments = array(
             '--batch',
             '--yes'
@@ -546,7 +546,7 @@ public function getKeys($keyId = '')
     public function getFingerprint($keyId, $format = self::FORMAT_NONE)
     {
         $output    = '';
-        $operation = '--list-keys ' . escapeshellarg($keyId);
+        $operation = '--list-keys -- ' . escapeshellarg($keyId);
         $arguments = array(
             '--with-colons',
             '--with-fingerprint'
@@ -1464,7 +1464,7 @@ protected function _exportKey($keyId, $armor = true, $private = false)
 
         $keyData   = '';
         $operation = $private ? '--export-secret-keys' : '--export';
-        $operation .= ' ' . escapeshellarg($fingerprint);
+        $operation .= ' -- ' . escapeshellarg($fingerprint);
         $arguments = $armor ? array('--armor') : array();
 
         $this->engine->reset();
diff --git a/Crypt/GPGAbstract.php b/Crypt/GPGAbstract.php
@@ -334,7 +334,7 @@ protected function _getKeys($keyId = '')
         if ($keyId == '') {
             $operation = '--list-secret-keys';
         } else {
-            $operation = '--utf8-strings --list-secret-keys ' . escapeshellarg($keyId);
+            $operation = '--utf8-strings --list-secret-keys -- ' . escapeshellarg($keyId);
         }
 
         // According to The file 'doc/DETAILS' in the GnuPG distribution, using
@@ -366,7 +366,7 @@ protected function _getKeys($keyId = '')
         if ($keyId == '') {
             $operation = '--list-public-keys';
         } else {
-            $operation = '--utf8-strings --list-public-keys ' . escapeshellarg($keyId);
+            $operation = '--utf8-strings --list-public-keys -- ' . escapeshellarg($keyId);
         }
 
         $output = '';
