From fd550bc25a8472196af573c97ebf5c9ad1cb600e Mon Sep 17 00:00:00 2001
From: Marc Alexander
Date: Tue, 10 Jan 2023 21:09:48 +0100
Subject: [PATCH] [ticket/security/275] Gracefully handle exceptions thrown by wrong cron route
SECURITY-275
---
 phpBB/cron.php | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/phpBB/cron.php b/phpBB/cron.php
index c99b772487..89b05c45d2 100644
--- a/phpBB/cron.php
+++ b/phpBB/cron.php
@@ -12,6 +12,8 @@
 */
 use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Exception\ExceptionInterface;
 /**
 */
@@ -30,8 +32,20 @@ $get_params_array = $request->get_super_global(\phpbb\request\request_interface:
 /** @var \phpbb\controller\helper $controller_helper */
 $controller_helper = $phpbb_container->get('controller.helper');
-$response = new RedirectResponse(
- $controller_helper->route('phpbb_cron_run', $get_params_array, false),
- 301
-);
-$response->send();
+try
+{
+ $response = new RedirectResponse(
+ $controller_helper->route('phpbb_cron_run', $get_params_array, false),
+ Response::HTTP_MOVED_PERMANENTLY
+ );
+ $response->send();
+}
+catch(ExceptionInterface $exception)
+{
+ $language = $phpbb_container->get('language');
+ $response = new Response(
+ $language->lang('PAGE_NOT_FOUND'),
+ Response::HTTP_BAD_REQUEST
+ );
+ $response->send();
+}
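Review bot: The new `catch(ExceptionInterface $exception)` in the second hunk handles only Symfony routing exceptions, while `$get_params_array` (the full GET super global, assigned above the hunk) is still passed unfiltered to `route()`. Any parameter the route does not consume therefore presumably still ends up in the query string of a permanent redirect, and an error that is not a routing exception would bypass the handler. Consider reducing the array to the parameters the route takes before generating the URL, e.g. `$get_params_array = array_intersect_key($get_params_array, ['cron_type' => true]);` if `cron_type` is the route's only parameter (the route definition is not visible here). The fallback body says `PAGE_NOT_FOUND` while the status is `Response::HTTP_BAD_REQUEST`, so the text and the code should be made to agree. On style, `catch (` with a space and a `/** @var \phpbb\language\language $language */` line would match the `$controller_helper` annotation just above.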