Project

General

Profile

Download (1.09 KB)

Bug #23675 » fix_15898.sh

Administrator Admin, 2010-10-05 13:57

 
#!/bin/bash

# Hotfix script for TYPO3 bug #15898
#
# This script will search for affected files within MYPATH (can be changed
# below) and fixes every file automatically, keeping a backup copy with
# suffix ".<timestamp>" in the same directory. Permissions and ownership
# of the files will be preserved.
#
# Author: Michael Stucki <michael@typo3.org>
# Author: Marcus Krause <marcus#exp2010@t3sec.info>
# For questions, please contact <security@typo3.org>
#
# Usage:
# 1) Make this script executable
# 2) Run this script
#
# chmod a+x ./fix_15898.sh
# ./fix_15898.sh
#
# How to check if the fix was successful:
# Search the whole system for files named "class.tslib_fe.php" that
# contain the string "$juHash === $calcJuHash"
# (note the type-safe comparison!)

# Start path: Search for affected files within this directory. Leave
# default if unsure.
MYPATH=/

# Do not change these values!
SEARCH='($juHash == $calcJuHash)'
REPLACE='($juHash === $calcJuHash)'

for FILE in $(find $MYPATH -type f -name "class.tslib_fe.php"); do
echo "Fixing file $FILE..."
sed -i.$(date +%s) "s/$SEARCH/$REPLACE/" $FILE
done
(9-9/9)