Bug #86599

PHP Warning when calling /?eID=dumpFile

Added by Sascha Egerer 9 days ago. Updated 9 days ago.

Status:
Under Review
Priority:
Should have
Assignee:
Category:
Code Cleanup
Target version:
Start date:
2018-10-09
Due date:
% Done:

0%

TYPO3 Version:
9
PHP Version:
Tags:
Complexity:
easy
Is Regression:
Sprint Focus:
Remote Sprint

Description

In /typo3/sysext/core/Classes/Controller/FileDumpController.php:57 a null value may be passed to the hash_equals function if no token parameter is given.

Steps to reproduce:
Open https://yoursite.tld/?eID=dumpFile

PHP Warning: hash_equals(): Expected user_string to be a string, null given in /var/www/public/typo3/sysext/core/Classes/Controller/FileDumpController.php line 57

History

#1 Updated by Gerrit Code Review 9 days ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596

#2 Updated by Gerrit Code Review 9 days ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596

#3 Updated by Gerrit Code Review 9 days ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596

#4 Updated by Gerrit Code Review 9 days ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/58596

Also available in: Atom PDF