Bug #86599
closed
PHP Warning when calling /?eID=dumpFile
100%
Description
In /typo3/sysext/core/Classes/Controller/FileDumpController.php:57 a null value may be passed to the hash_equals function if no token parameter is given.
Steps to reproduce:
Open https://yoursite.tld/?eID=dumpFile
PHP Warning: hash_equals(): Expected user_string to be a string, null given in /var/www/public/typo3/sysext/core/Classes/Controller/FileDumpController.php line 57
Updated by Gerrit Code Review about 6 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596
Updated by Gerrit Code Review about 6 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596
Updated by Gerrit Code Review about 6 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596
Updated by Gerrit Code Review about 6 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596
Updated by Gerrit Code Review about 6 years ago
Patch set 1 for branch TYPO3_8-7 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58713
Updated by Sascha Egerer about 6 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset e52a91c8066156966da904069116eaf8f8b42776.
Updated by