Bug #100097

open

Long external parameters causes TYPO3 crash in Extbase Routing Enhancer

Added by Marc Willmann over 1 year ago. Updated about 1 month ago.

Status:
Under Review
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2023-03-06
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

If an external parameter is added to a page which is resolved using a Routing-Enhancer, this might cause a crash if the parameter name is too long.

Steps to reproduce:

You need a page with configured Extbase Plugin Enhancer.
If you call this page it should work in the frontend with the normal output of the extbase plugin used.
If you call this page with a manipulated URL (add a long parameter, e.g. ?L_Instagram_FeedAd_EstimatedAdRecall=whatever), you see an error in the frontend.

I expect the non-TYPO3 parameter is simply ignored.

I have stripped this down to https://github.com/TYPO3/typo3/blob/main/typo3/sysext/core/Classes/Routing/Enhancer/VariableProcessor.php#L61

If the parameter is longer than 31 chars and it's not a valid hash, the OutOfRangeException is thrown, which leads to an error in the frontend.

As for shorter parameters the input argument is simply returned, I suggest changing the method resolveHash to return the value from $this->hashes if the key $hash exists, and $hash otherwise.

This would make the method shorter and more stable.

I'm unsure, if this might have unwanted side effects.

I found this in a TYPO3 10.4.36 instance, but the method and the error are also in current main. It does not seem related to the PHP version.
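As an added illustration (not TYPO3's own VariableProcessor code and not the reporter's patch), the sketch below re-implements the two behaviours the report contrasts: a strict resolver that throws for an unregistered long key, and the lenient variant the reporter proposes, which hands the input back unchanged so a foreign query parameter is ignored instead of becoming a frontend error. The class name HashStore, the method names and the sample plugin argument are assumptions; the 31-character threshold and the foreign parameter name are the ones the report mentions.

```php
<?php
declare(strict_types=1);

// Illustrative stand-in for the hash bookkeeping described in the issue.
// It is NOT TYPO3's VariableProcessor; it only mirrors the stated behaviour:
// long values are replaced by an md5 hash on the way out, and resolving a
// long value that was never registered is the case that breaks.
final class HashStore
{
    /** @var array<string, string> md5 hash => original value */
    private array $hashes = [];

    // Threshold taken from the report ("longer than 31 chars").
    private const LENGTH_LIMIT = 31;

    public function addHash(string $value): string
    {
        if (strlen($value) < self::LENGTH_LIMIT) {
            return $value; // short values pass through unchanged
        }
        $hash = md5($value);
        $this->hashes[$hash] = $value;
        return $hash;
    }

    // Current behaviour as the report describes it: any long input that is
    // not a registered hash (for example an arbitrary parameter name taken
    // from the request URL) raises an exception that surfaces as an error.
    public function resolveHashStrict(string $hash): string
    {
        if (strlen($hash) < self::LENGTH_LIMIT) {
            return $hash;
        }
        if (!isset($this->hashes[$hash])) {
            throw new \OutOfRangeException(sprintf('Hash not resolvable for "%s"', $hash));
        }
        return $this->hashes[$hash];
    }

    // Behaviour the report proposes: return the stored value when the key is
    // known, otherwise return the input itself. Unknown parameters then flow
    // through and can be ignored downstream rather than crashing the request.
    public function resolveHashLenient(string $hash): string
    {
        return $this->hashes[$hash] ?? $hash;
    }
}

$store = new HashStore();

// Round trip for a legitimate long plugin argument (constructed sample name).
$long = 'tx_myext_plugin[someVeryLongArgumentName]';
$hashed = $store->addHash($long);
assert($store->resolveHashStrict($hashed) === $long);
assert($store->resolveHashLenient($hashed) === $long);

// Foreign parameter name from the report: well over 31 chars, never registered.
$foreign = 'L_Instagram_FeedAd_EstimatedAdRecall';
try {
    $store->resolveHashStrict($foreign);
} catch (\OutOfRangeException $e) {
    echo 'strict: ', get_class($e), ' -> frontend error', PHP_EOL;
}
echo 'lenient: ', $store->resolveHashLenient($foreign), ' (passed through, ignored)', PHP_EOL;
```

The point for a reviewer is the availability angle: with the strict branch, any unauthenticated request carrying a long unknown parameter name turns into an error page, whereas the lenient branch keeps the request alive and leaves the unknown name to be dropped like any other non-TYPO3 parameter. Whether the strict check protected something else is exactly the side-effect question the reporter raises, so the existing test that expects the exception is the place to settle it.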

Actions #1

Updated by Gerrit Code Review over 1 year ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78036

Actions #2

Updated by Gerrit Code Review over 1 year ago

Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78036

Actions #3

Updated by Marc Willmann over 1 year ago

In my patch proposal the test suite fails because the OutOfRangeException is not thrown anymore. This is correct. Of course, the test can be changed, but I want to leave this untouched for the moment to discuss if the suggested solution is dangerous in any way.

Actions #4

Updated by Gerrit Code Review over 1 year ago

Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78036

Actions #5

Updated by Gerrit Code Review about 1 month ago

Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78036
