From e8c77cfedd70220927baebbadac29488730e5c5e Mon Sep 17 00:00:00 2001
From: Axel Svensson <mail@axelsvensson.com>
Date: Wed, 19 Oct 2022 17:56:46 +0200
Subject: [PATCH] Validate input file name

---
 pdf-sign | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pdf-sign b/pdf-sign
index 7f3c5af..b83a954 100755
--- a/pdf-sign
+++ b/pdf-sign
@@ -9,6 +9,8 @@ signatureDir=os.path.expanduser(os.environ['PDF_SIGNATURE_DIR'] if 'PDF_SIGNATUR
 # Inspired by https://unix.stackexchange.com/a/141496
 def main(args):
     filePath=args.input
+    if not m("^.*\.(pdf|PDF)$", filePath):
+        die("Input file must end with .pdf or .PDF")
     with tempfile.TemporaryDirectory() as tempdir:
         intmp=lambda fileName: os.path.join(tempdir, fileName)
         # Maybe flatten (make forms non-editable) before signing