Menu
▾
▴
[mantisbt-cvs] SF.net SVN: mantisbt:[5680] trunk/mantisbt/core/utility_api.php
|
From: <gi...@us...> - 2008-10-17 15:11:32
|
Revision: 5680
http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5680&view=rev
Author: giallu
Date: 2008-10-17 15:11:22 +0000 (Fri, 17 Oct 2008)
Log Message:
-----------
Fix 9704: (manage_proj_page.php) Remote Code Execution Exploit
Modified Paths:
--------------
trunk/mantisbt/core/utility_api.php
Modified: trunk/mantisbt/core/utility_api.php
===================================================================
--- trunk/mantisbt/core/utility_api.php 2008-10-17 15:10:53 UTC (rev 5679)
+++ trunk/mantisbt/core/utility_api.php 2008-10-17 15:11:22 UTC (rev 5680)
@@ -151,8 +151,11 @@
$t_factor = 1;
}
- $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['$p_key'], \$b['$p_key'] );" );
- uasort( $p_array, $t_function );
+ // Security measure: see http://www.mantisbt.org/bugs/view.php?id=9704 for details
+ if ( array_key_exist( $p_array, $p_key ) ) {
+ $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['$p_key'], \$b['$p_key'] );" );
+ uasort( $p_array, $t_function );
+ }
return $p_array;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|