PHP8.1 fix for DiffusionServeController serveRequest()

Summary: When a 'git pull' is done to an https git URL, the $_SERVER variables PHP_AUTH_USER and PHP_AUTH_PW will be unset, causing PHP 8.1 to throw strlen(null) errors. This update fixes the issue by defaulting the values to '', which results in $have_user and $have_pass having false values as desired. Fixes T15520 Test Plan: arc unit Reviewers: O1 Blessed Committers, valerio.bozzolan Reviewed By: O1 Blessed Committers, valerio.bozzolan Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno Maniphest Tasks: T15520 Differential Revision: https://we.phorge.it/D25327
2024-11-22 14:52:41 +01:00 · 2023-07-04 12:01:51 +01:00 · 2023-07-04 12:01:51 +01:00 · 9bf5e17352
commit 9bf5e17352
parent 5e48e16f77
3 changed files with 25 additions and 2 deletions
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@ -1052,6 +1052,7 @@ phutil_register_library_map(array(
    'DiffusionSSHWorkflow' => 'applications/diffusion/ssh/DiffusionSSHWorkflow.php',
    'DiffusionSearchQueryConduitAPIMethod' => 'applications/diffusion/conduit/DiffusionSearchQueryConduitAPIMethod.php',
    'DiffusionServeController' => 'applications/diffusion/controller/DiffusionServeController.php',
+    'DiffusionServeControllerTestCase' => 'applications/diffusion/controller/__tests__/DiffusionServeControllerTestCase.php',
    'DiffusionServiceRef' => 'applications/diffusion/ref/DiffusionServiceRef.php',
    'DiffusionSetPasswordSettingsPanel' => 'applications/diffusion/panel/DiffusionSetPasswordSettingsPanel.php',
    'DiffusionSetupException' => 'applications/diffusion/exception/DiffusionSetupException.php',
@ -7103,6 +7104,7 @@ phutil_register_library_map(array(
    'DiffusionSSHWorkflow' => 'PhabricatorSSHWorkflow',
    'DiffusionSearchQueryConduitAPIMethod' => 'DiffusionQueryConduitAPIMethod',
    'DiffusionServeController' => 'DiffusionController',
+    'DiffusionServeControllerTestCase' => 'PhabricatorTestCase',
    'DiffusionServiceRef' => 'Phobject',
    'DiffusionSetPasswordSettingsPanel' => 'PhabricatorSettingsPanel',
    'DiffusionSetupException' => 'Exception',
--- a/src/applications/diffusion/controller/DiffusionServeController.php
+++ b/src/applications/diffusion/controller/DiffusionServeController.php
@ -183,8 +183,8 @@ final class DiffusionServeController extends DiffusionController {
    // won't prompt users who provide a username but no password otherwise.
    // See T10797 for discussion.

-    $have_user = strlen(idx($_SERVER, 'PHP_AUTH_USER'));
-    $have_pass = strlen(idx($_SERVER, 'PHP_AUTH_PW'));
+    $have_user = strlen(idx($_SERVER, 'PHP_AUTH_USER', ''));
+    $have_pass = strlen(idx($_SERVER, 'PHP_AUTH_PW', ''));
    if ($have_user && $have_pass) {
      $username = $_SERVER['PHP_AUTH_USER'];
      $password = new PhutilOpaqueEnvelope($_SERVER['PHP_AUTH_PW']);
--- a/src/applications/diffusion/controller/tests/DiffusionServeControllerTestCase.php
+++ b/src/applications/diffusion/controller/tests/DiffusionServeControllerTestCase.php
@ -0,0 +1,21 @@
+<?php
+
+final class DiffusionServeControllerTestCase extends PhabricatorTestCase {
+  protected function getPhabricatorTestCaseConfiguration() {
+    return array(
+      self::PHABRICATOR_TESTCONFIG_BUILD_STORAGE_FIXTURES => true,
+    );
+  }
+
+  public function testHandleRequest() {
+    $aphront_request = new AphrontRequest('example.com', '/');
+    $diffusion_serve_controller = new DiffusionServeController();
+
+    $diffusion_serve_controller->setRequest($aphront_request);
+    $result = $diffusion_serve_controller->handleRequest($aphront_request);
+    $this->assertTrue(true, 'handleRequest did not throw an error');
+    $this->assertTrue($result instanceof PhabricatorVCSResponse,
+      'handleRequest() returns PhabricatorVCSResponse object');
+  }
+
+}