
0001-SECURITY-Use-hash_equals-in-User-matchEditToken.patch

Authored By
Tgr
Nov 21 2015, 8:23 PM
Size
888 B

From cc684596561ef1275519042fc33c368e56a1a082 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Sat, 21 Nov 2015 11:51:02 -0800
Subject: [SECURITY] Use hash_equals in User::matchEditToken
There is no point in using hash_equals for the return value if we
do a normal comparison before.
Bug: T119309
Change-Id: Ia44ec5ed492105b27d0fddd845d58d27a29dc072
---
includes/User.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/User.php b/includes/User.php
index 3d1aa7e..c548f76 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -4228,7 +4228,7 @@ class User implements IDBAccessObject {
$salt, $request ?: $this->getRequest(), $timestamp
);
- if ( $val != $sessionToken ) {
+ if ( !hash_equals( $sessionToken, $val ) ) {
wfDebug( "User::matchEditToken: broken session data\n" );
}
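Review bot: The new `!hash_equals( $sessionToken, $val )` check has no type guard, and hash_equals() requires both arguments to be strings, whereas the old `!=` accepted any type. If either `$val` or `$sessionToken` can be null or another non-string at this point, the call emits a warning and returns false on PHP 5.6/7, and throws a TypeError on PHP 8, rather than quietly taking the mismatch branch. Consider an is_string() check (or an explicit string cast) on both values before the call. The argument order, known value first and supplied value second, matches the documented signature and looks right. A short code comment saying that the comparison is constant-time on purpose would help keep a later cleanup from reverting it to `!=`.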
--
1.9.1

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3008078