From db6ea0aafd0f9bc214577c9d14d2daa3bceb0e07 Mon Sep 17 00:00:00 2001
From: Wytze van der Raay <wytze@cacert.org>
Date: Thu, 20 Jun 2013 10:14:33 +0000
Subject: [PATCH] Fix for https://bugs.cacert.org/view.php?id=1159 "it might be
 possible to execute commands on the signing server"

---
 CommModule/server.pl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CommModule/server.pl b/CommModule/server.pl
index c70bc9a..6084042 100755
--- a/CommModule/server.pl
+++ b/CommModule/server.pl
@@ -955,10 +955,10 @@ sub analyze($)
   if($bytes[1] == 0) # NUL Request
   {
     SysLog "NUL Request detected.\n";
-    if($fields[1])
+    if($fields[1] =~ /^\d+\.\d+$/)
     {
       open OUT,">timesync.sh";
-      print OUT "date -u $fields[1]\n";
+      print OUT "date -u '$fields[1]'\n";
       print OUT "hwclock --systohc\n";
       close OUT;
     }