[ticket/security-203] Do not add null values to versions info

Also stopped using reference for validate_versions() method argument.

SECURITY-203
This commit is contained in:
Marc Alexander 2016-12-27 18:11:31 +01:00
parent 658820654f
commit ad251e4590
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
2 changed files with 22 additions and 8 deletions


@ -315,7 +315,7 @@ class version_helper
$info['stable'] = (empty($info['stable'])) ? array() : $info['stable']; $info['stable'] = (empty($info['stable'])) ? array() : $info['stable'];
$info['unstable'] = (empty($info['unstable'])) ? $info['stable'] : $info['unstable']; $info['unstable'] = (empty($info['unstable'])) ? $info['stable'] : $info['unstable'];
$this->validate_versions($info); $info = $this->validate_versions($info);
$this->cache->put($cache_file, $info, 86400); // 24 hours $this->cache->put($cache_file, $info, 86400); // 24 hours
} }
@ -328,8 +328,10 @@ class version_helper
* *
* @param array $versions_info Decoded json data array. Will be modified * @param array $versions_info Decoded json data array. Will be modified
* and cleaned by this method * and cleaned by this method
*
* @return array Versions info array
*/ */
public function validate_versions(&$versions_info) public function validate_versions($versions_info)
{ {
$array_diff = array_diff_key($versions_info, array($this->version_schema)); $array_diff = array_diff_key($versions_info, array($this->version_schema));
@ -362,7 +364,7 @@ class version_helper
$version_data = array(); $version_data = array();
foreach ($this->version_schema[$stability_type] as $key => $value) foreach ($this->version_schema[$stability_type] as $key => $value)
{ {
if (isset($old_version_data[$key]) || $old_version_data[$key] === null) if (isset($old_version_data[$key]))
{ {
$version_data[$key] = $old_version_data[$key]; $version_data[$key] = $old_version_data[$key];
} }
@ -388,16 +390,13 @@ class version_helper
if (!empty($value) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $value) && if (!empty($value) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $value) &&
!preg_match('#^' . get_preg_expression('www_url') . '$#iu', $value)) !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $value))
{ {
$value = '';
throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_URL')); throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_URL'));
} }
break; break;
case 'version': case 'version':
$value = $value ?: ''; if (!empty($value) && !preg_match(get_preg_expression('semantic_version'), $value))
if (!preg_match(get_preg_expression('semantic_version'), $value))
{ {
$value = '';
throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_VERSION')); throw new \RuntimeException($this->user->lang('VERSIONCHECK_INVALID_VERSION'));
} }
break; break;
@ -409,5 +408,7 @@ class version_helper
} }
} }
} }
return $versions_info;
} }
} }
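Review bot: The rewritten guard in the `version` case, `if (!empty($value) && !preg_match(get_preg_expression('semantic_version'), $value))`, is a truthiness test, so a `current` value of `"0"`, `0`, `false` or `""` coming from the decoded remote JSON never reaches the semantic-version pattern and is cached as-is, whereas the removed `$value = $value ?: ''` line used to make an empty string throw `VERSIONCHECK_INVALID_VERSION`. This mirrors the `url` case just above, but for a version string I would reject anything that is not a non-empty string instead: `if (!is_string($value) || !preg_match(get_preg_expression('semantic_version'), $value))`; whether an empty `current` must stay accepted depends on callers outside this hunk. The docblock at the top of the method still says the argument "Will be modified and cleaned by this method", which is no longer true now that the reference is gone; it should read `@param array $versions_info Decoded json data array. The argument is left untouched; a cleaned copy is returned.` `validate_versions()` runs past the boundaries of the hunks shown here.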


@ -172,7 +172,20 @@ class version_helper_remote_test extends \phpbb_test_case
'current' => '1.0.1', 'current' => '1.0.1',
'download' => 'https://www.phpbb.com/customise/db/download/104136', 'download' => 'https://www.phpbb.com/customise/db/download/104136',
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/',
'eol' => null, 'security' => false,
))), 'VERSIONCHECK_INVALID_ENTRY'),
array('{
"unstable": {
"1.0": {
"current<script>alert(\'foo\');</script>": "1.0.1",
"download2": "https://www.phpbb.com/customise/db/download/104136",
"bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/",
"eol": null,
"security": false,
"foobar": "<script>alert(\'test\');<script>"
}
}
}', true, array('stable' => array(), 'unstable' => array('1.0' => array(
'security' => false, 'security' => false,
))), 'VERSIONCHECK_INVALID_ENTRY'), ))), 'VERSIONCHECK_INVALID_ENTRY'),
); );
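Review bot: Neither data-provider case here exercises the relaxed `version` branch of `validate_versions()`, where a falsy `current` (such as `"0"` or `""`) now skips the semantic-version regex instead of raising `VERSIONCHECK_INVALID_VERSION`; the new case at the bottom covers only unknown keys, and the first case only the dropped `'eol' => null` entry. I would add a case with `"current": "0"` that pins whichever outcome is intended, so a later change to that guard is caught by this test. The data-provider method starts outside this section.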