mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 16:22:43 +01:00
Fix PhabricatorAuthCSRFEngine.php strncmp(null) PHP 8.1 error
Summary: Update PhabricatorAuthCSRFEngine.php such that it doesn't fall over when provided with a null CSRF token under PHP 8.1 Fixes T15654 Test Plan: Do a POST request to phorge. Reviewers: O1 Blessed Committers, valerio.bozzolan Reviewed By: O1 Blessed Committers, valerio.bozzolan Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno Maniphest Tasks: T15654 Differential Revision: https://we.phorge.it/D25449
This commit is contained in:
parent
7b0021a03c
commit
318d7a61fe
1 changed files with 4 additions and 1 deletions
|
@ -47,7 +47,10 @@ final class PhabricatorAuthCSRFEngine extends Phobject {
|
||||||
// We expect a BREACH-mitigating token. See T3684.
|
// We expect a BREACH-mitigating token. See T3684.
|
||||||
$breach_prefix = $this->getBREACHPrefix();
|
$breach_prefix = $this->getBREACHPrefix();
|
||||||
$breach_prelen = strlen($breach_prefix);
|
$breach_prelen = strlen($breach_prefix);
|
||||||
if (strncmp($token, $breach_prefix, $breach_prelen) !== 0) {
|
if (
|
||||||
|
$token === null ||
|
||||||
|
strncmp($token, $breach_prefix, $breach_prelen) !== 0
|
||||||
|
) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue