F2998570
0001-SECURITY-Use-hash_equals-in-User-matchEditToken.patch
Tgr (Gergő Tisza)
Authored By: Tgr
Date: Nov 21 2015, 8:23 PM (2015-11-21 20:23:49 UTC+0)
Size: 888 B
Referenced Files: None
Subscribers: None
From cc684596561ef1275519042fc33c368e56a1a082 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Sat, 21 Nov 2015 11:51:02 -0800
Subject: [SECURITY] Use hash_equals in User::matchEditToken
There is no point in using hash_equals for the return value if we
do a normal comparison before.
Bug: T119309
Change-Id: Ia44ec5ed492105b27d0fddd845d58d27a29dc072
---
includes/User.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/User.php b/includes/User.php
index 3d1aa7e..c548f76 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -4228,7 +4228,7 @@ class User implements IDBAccessObject {
$salt, $request ?: $this->getRequest(), $timestamp
);
- if ( $val != $sessionToken ) {
+ if ( !hash_equals( $sessionToken, $val ) ) {
wfDebug( "User::matchEditToken: broken session data\n" );
}
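Review bot: `hash_equals()` requires both arguments to be strings; with a non-string (for example a `null` `$val` from a missing request parameter) it returns false and emits a warning on PHP 5.6/7 and throws a TypeError on PHP 8, so if `$val` is not already guaranteed to be a string, guard it before the comparison, e.g. `if ( !is_string( $val ) || !hash_equals( $sessionToken, $val ) ) {`. The argument order is correct as written (the known `$sessionToken` first, the user-supplied `$val` second). Note also that replacing loose `!=` with `hash_equals()` makes the check strict, so values that previously matched only through PHP type juggling now fail; that is the desired behaviour for a token check, but it is a behaviour change worth stating in the commit message. Since `hash_equals()` only exists from PHP 5.6 onwards, confirm that the code base's minimum PHP version or a polyfill covers it.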
--
1.9.1
File Metadata
Mime Type: text/x-diff
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3008078
Default Alt Text: 0001-SECURITY-Use-hash_equals-in-User-matchEditToken.patch (888 B)
Attached To: T119309: User::matchEditToken should use constant-time string comparison