1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 06:20:56 +01:00
No description
Find a file
epriestley 7cf0358dda Disallow email addresses which will overflow MySQL storage
Summary:
Via HackerOne. An attacker can bypass `auth.email-domains` by registering with an email like:

  aaaaa...aaaaa@evil.com@company.com

We'll validate the full string, then insert it into the database where it will be truncated, removing the `@company.com` part. Then we'll send an email to `@evil.com`.

Instead, reject email addresses which won't fit in the table.

`STRICT_ALL_TABLES` stops this attack, I'm going to add a setup warning encouraging it.

Test Plan:
  - Set `auth.email-domains` to `@company.com`.
  - Registered with `aaa...aaa@evil.com@company.com`. Previously this worked, now it is rejected.
  - Did a valid registration.
  - Tried to add `aaa...aaaa@evil.com@company.com` as an email address. Previously this worked, now it is rejected.
  - Did a valid email add.
  - Added and executed unit tests.

Reviewers: btrahan, arice

Reviewed By: arice

CC: aran, chad

Differential Revision: https://secure.phabricator.com/D8308
2014-02-23 10:19:35 -08:00
bin Write a very basic string extractor 2014-02-05 11:02:41 -08:00
conf Remove tokenizer.ondemand, and always load on demand 2014-02-14 10:24:40 -08:00
externals Fix phpmailer-lite bug 2014-02-20 17:24:51 -08:00
resources Fix non-icon token height 2014-02-21 12:16:18 -08:00
scripts Add ButtonBar icons 2014-02-09 10:22:12 -08:00
src Disallow email addresses which will overflow MySQL storage 2014-02-23 10:19:35 -08:00
support Break Aphlict's flash policy server into a separate class 2014-02-17 16:01:09 -08:00
webroot Fix non-icon token height 2014-02-21 12:16:18 -08:00
.arcconfig Use JsShrink if jsxmin is not available 2013-05-18 17:04:22 -07:00
.divinerconfig Centralize rendering of application mail bodies 2012-07-16 19:01:43 -07:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Drive all Celerity operations from the new map 2013-12-31 18:04:25 -08:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Modernize README 2014-01-24 12:28:54 -08:00

Phabricator is an open source collection of web applications which help
software companies build better software.

Phabricator includes applications for:

  - reviewing and auditing source code;
  - hosting and browsing repositories;
  - assembling a party to venture forth;
  - tracking bugs;
  - hiding stuff from coworkers; and
  - also some other things.

You can learn more about the project (and find links to documentation and
resources) here:

  http://phabricator.org/

Phabricator is developed and maintained by Phacility. The first version of
Phabricator was originally built at Facebook.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.