Bug #81460 Bad validation of input parameters of report.php
Submitted: 2021-09-19 22:51 UTC Modified: 2022-05-27 19:01 UTC
From: ddpm at liscovius dot de Assigned: aaronjunker (profile)
Status: Closed Package: Website problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
 [2021-09-19 22:51 UTC] ddpm at liscovius dot de
Description:
------------
Just trying if a bug appears also on live system.
Triggered it on my dev environment.

Test script:
---------------
will do github PR if verified.


 [2021-09-19 22:55 UTC] ddpm at liscovius dot de
Seems ok here. I used PHP8.1RC2 on my dev box.

I assume bugs.php.net uses an older version or suppresses errors.
 [2021-09-20 07:59 UTC] cmb@php.net
> I assume bugs.php.net uses an older version or suppresses
> errors.

Likely both.

> will do github PR if verified.

Would be welcome anyway.
 [2021-09-23 12:41 UTC] nikic@php.net
-Status: Open +Status: Not a bug
 [2021-09-23 12:41 UTC] nikic@php.net
Assuming this is no longer needed...
 [2021-09-24 16:36 UTC] ddpm at liscovius dot de
You might change the title to 'better validation of input parameters of report.php' or something like that.

I got the full path with PHP8 when I changed in[passwd] to in[passwd][ooops] in the report.php form as POST parameter in[passwd].

Better add is_string() or similar check before passing to hash_hmac().

Fatal error: Uncaught TypeError: hash_hmac(): Argument #2 ($data) must be of type string, array given in /var/www/html/bugs/include/functions.php:1692 Stack trace: #0 /var/www/html/bugs/include/functions.php(1692): hash_hmac() #1 /var/www/html/bugs/www/report.php(224): bugs_get_hash() #2 {main} thrown in /var/www/html/bugs/include/functions.php on line 1692

Also spits 'Warning: Undefined array key "package_name" in /var/www/html/bugs/www/report.php on line 70' when I submit form without selecting a package_name on local dev engine with PHP8.0.10
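
The is_string() check suggested in the comment above, shown as an added example that is not part of the thread and is not the php/web-bugs code. The helper names, the sha256 algorithm, the key and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not from php/web-bugs): return a request field only
 * if it is a string of sane length, otherwise null.
 */
function request_string(array $source, string $key, int $maxLen = 256): ?string
{
    $value = $source[$key] ?? null;   // missing key: no "Undefined array key" warning
    if (!is_string($value) || strlen($value) > $maxLen) {
        return null;                  // arrays such as in[passwd][ooops]=x end up here
    }
    return $value;
}

/** Hypothetical stand-in for the hashing step; algorithm and key are assumed. */
function hash_password_field(?string $passwd, string $key): ?string
{
    return $passwd === null ? null : hash_hmac('sha256', $passwd, $key);
}

// Constructed sample inputs; each array stands for $_POST['in'] of one request.
$samples = [
    'normal'        => ['passwd' => 'secret', 'package_name' => 'Website problem'],
    'array passwd'  => ['passwd' => ['ooops' => 'x']],
    'missing field' => [],
];

foreach ($samples as $label => $in) {
    $passwd  = request_string($in, 'passwd');
    $package = request_string($in, 'package_name') ?? '';
    $hash    = hash_password_field($passwd, 'constructed-sample-key');

    if ($hash === null) {
        // Generic form error instead of an uncaught TypeError with a file path.
        echo "$label: rejected (passwd must be a string)\n";
        continue;
    }
    printf("%s: ok, package=%s, hash=%s...\n",
        $label, $package === '' ? '(none)' : $package, substr($hash, 0, 8));
}
// Production should also keep display_errors off so traces never reach the client.
```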
 [2021-09-24 16:49 UTC] cmb@php.net
-Summary: just a live bug test +Summary: Bad validation of input parameters of report.php -Status: Not a bug +Status: Re-Opened
 [2021-09-24 16:49 UTC] cmb@php.net
Thank you for the clarification!  A PR would be welcome.
 [2021-09-24 17:44 UTC] ddpm at liscovius dot de
I **quickly** made some edits:

https://github.com/php/web-bugs/pull/103

and 

https://github.com/php/web-bugs/pull/104

Please test/review.
 [2022-05-27 19:01 UTC] aaronjunker@php.net
-Status: Re-Opened +Status: Closed -Assigned To: +Assigned To: aaronjunker
 [2022-05-27 19:01 UTC] aaronjunker@php.net
The fix for this bug has been committed. Since the websites are not directly
updated from the repository, the fix might need some time to spread
across the globe to all mirror sites, including PHP.net itself.

Thank you for the report, and for helping us make PHP.net better.


 
Last updated: Sat Dec 21 17:01:58 2024 UTC