Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F12773781
Patch for T185652
No One
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
Mainframe98
Jan 24 2018, 7:58 PM
2018-01-24 19:58:42 (UTC+0)
Size
1 KB
Referenced Files
None
Subscribers
None
Patch for T185652
View Options
From 7f97484dafd8e70b73ee1e1b1767399f2cd5a3e6 Mon Sep 17 00:00:00 2001
From: mainframe98 <k.s.werf@hotmail.com>
Date: Wed, 24 Jan 2018 20:51:34 +0100
Subject: [PATCH] SECURITY: Don't query API with format=php
This requires unserialization of potentially unsafe php code,
which is dangerous, even if the source is trusted.
Because the default configuration does not use https when
querying the API, this causes a security vulnerability.
Bug: T185652
---
AutoProxyBlock.body.php | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/AutoProxyBlock.body.php b/AutoProxyBlock.body.php
index 115df1d..9f2e307 100644
--- a/AutoProxyBlock.body.php
+++ b/AutoProxyBlock.body.php
@@ -112,12 +112,12 @@ class AutoProxyBlock {
}
static function requestForeignAPI( $url, $options ) {
- $url .= '?format=php';
- foreach($options as $param => $value) {
+ $url .= '?format=json';
+ foreach( $options as $param => $value ) {
$url .= '&'.$param.'='.$value;
}
- $content = Http::get($url);
- return unserialize($content);
+ $content = Http::get( $url );
+ return json_decode( $content );
}
}
--
2.16.0.windows.2
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5434270
Default Alt Text
Patch for T185652 (1 KB)
Attached To
Mode
T185652: AutoProxyBlock uses unserialization on externally obtained php code
Attached
Detach File
Event Timeline
Log In to Comment