From 9f1925f8bb37e0d79520d53035f75f49310ef359 Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Sun, 2 Feb 2020 21:53:34 +0100
Subject: [PATCH 1/5] Make sure given custom field data is an array Fixes #26540
---
 api/soap/mc_project_api.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
index f8abe3a9d8..d291e7245a 100644
--- a/api/soap/mc_project_api.php
+++ b/api/soap/mc_project_api.php
@@ -647,6 +647,12 @@ function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields )
 $t_custom_field_values = array();
 if( isset( $p_custom_fields ) ) {
+ if( !is_array( $p_custom_fields ) ) {
+ throw new ClientException(
+ "Invalid Custom Field '$p_custom_fields'",
+ ERROR_CUSTOM_FIELD_NOT_FOUND
+ );
+ }
 foreach( $p_custom_fields as $t_custom_field ) {
 $t_custom_field = ApiObjectFactory::objectToArray( $t_custom_field );
From 45636ef506c70c3f0cba302068d8541cee544376 Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Sun, 2 Feb 2020 22:00:55 +0100
Subject: [PATCH 2/5] Fix PHP notice Error API throws a PHP notice (invalid argument to foreach) because ClientException is constructed with $p_param parameter containing a string instead of an array. When xdebug is enabled, this results in extraneous output in the REST request's body.
---
 api/soap/mc_project_api.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
index d291e7245a..bf15650047 100644
--- a/api/soap/mc_project_api.php
+++ b/api/soap/mc_project_api.php
@@ -660,7 +660,7 @@ function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields )
 throw new ClientException(
 'Custom field has no value specified.',
 ERROR_EMPTY_FIELD,
- "custom_field['value']"
+ array( "custom_field['value']" )
 );
 }
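Review bot: In the hunk at -647,6 +647,12, the new `!is_array` guard interpolates the rejected value straight into the message, `"Invalid Custom Field '$p_custom_fields'"`, so a client-supplied string of any length is echoed back verbatim. A non-array value that is an object without `__toString()` would also raise a string-conversion error inside the guard instead of the intended ClientException. Reporting the type rather than the value avoids both: `'Invalid Custom Fields: expected an array, got ' . gettype( $p_custom_fields ),`. The function body starts and ends outside the hunk, so whether objects can actually reach this point depends on decoding done by callers that are not shown.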
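Review bot: Wrapping the third argument in `array( … )` in the hunk at -660,7 and again in the hunk at -668,7 repairs these two call sites only; the constructor that iterates the parameter would still accept a string from any other caller. ClientException itself is not part of this patch, so this is inferred from the commit message: if its signature allows it, declaring that parameter with an `array` type (or normalising it with an `(array)` cast before the foreach) would make the next such mistake fail at the call site instead of emitting a notice into the response body. Both hunks sit inside mci_project_custom_fields_validate, whose start and end are outside them.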
@@ -668,7 +668,7 @@ function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields )
 throw new ClientException(
 'Custom field with no specified id or name.',
 ERROR_EMPTY_FIELD,
- "custom_field['field']"
+ array( "custom_field['field']" )
 );
 }
From 021304c8fc148d5b8d9a7618785235135e092728 Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Sun, 2 Feb 2020 22:02:43 +0100
Subject: [PATCH 3/5] PHPDoc, improve comment
---
 api/soap/mc_project_api.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
index bf15650047..34675523a1 100644
--- a/api/soap/mc_project_api.php
+++ b/api/soap/mc_project_api.php
@@ -625,9 +625,11 @@ function mc_project_get_custom_fields( $p_username, $p_password, $p_project_id )
 * @param integer $p_project_id The project id.
 * @param array $p_custom_fields The custom fields, may be not set.
 * @return bool|SoapFault|RestFault true or error.
+ *
+ * @throws ClientException
 */
 function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields ) {
- # Load custom field definitions
+ # Load custom field definitions for the specified project
 $t_related_custom_field_ids = custom_field_get_linked_ids( $p_project_id );
 $t_custom_field_defs = array();
 foreach( $t_related_custom_field_ids as $t_custom_field_id ) {
From b01b67797b94ceea2e60eebec701cbfa3b2dfa22 Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Sun, 2 Feb 2020 22:22:27 +0100
Subject: [PATCH 4/5] Get & validate custom field using standard API Use mci_get_custom_field_id_from_objectref() to retrieve the custom field's id. Throw exceptions if - the returned Id == 0 (invalid field) - the field is not linked to the current project Fixes #26541
---
 api/soap/mc_project_api.php | 44 ++++++++++++++-----------------------
 1 file changed, 17 insertions(+), 27 deletions(-)
diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
index 34675523a1..9de79f6443 100644
--- a/api/soap/mc_project_api.php
+++ b/api/soap/mc_project_api.php
@@ -637,16 +637,6 @@ function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields )
 $t_custom_field_defs[$t_custom_field_id] = $t_def;
 }
- $fn_normalize_name = function( $p_name, $p_custom_field_defs ) {
- foreach( $p_custom_field_defs as $t_custom_field_def ) {
- if( strcasecmp( $t_custom_field_def['name'], $p_name ) == 0 ) {
- return $t_custom_field_def['name'];
- }
- }
-
- return $p_name;
- };
-
 $t_custom_field_values = array();
 if( isset( $p_custom_fields ) ) {
 if( !is_array( $p_custom_fields ) ) {
@@ -674,25 +664,25 @@ function mci_project_custom_fields_validate( $p_project_id, &$p_custom_fields )
 );
 }
- $t_custom_field['field'] = ApiObjectFactory::objectToArray( $t_custom_field['field'] );
-
- if( isset( $t_custom_field['field']['id'] ) ) {
- $t_def = $t_custom_field_defs[(int)$t_custom_field['field']['id']];
+ $t_custom_field_id = mci_get_custom_field_id_from_objectref( (object)$t_custom_field['field'] );
+ if( $t_custom_field_id == 0 ) {
+ throw new ClientException(
+ 'Invalid Custom Field '
+ # Output JSON stripped of quotes to help caller identify offending field
+ . str_replace( '"', '', json_encode( $t_custom_field['field'] ) ),
+ ERROR_CUSTOM_FIELD_NOT_FOUND
+ );
+ } else {
+ # Make sure the custom field is linked to the current project
+ if( !isset( $t_custom_field_defs[$t_custom_field_id] ) ) {
+ throw new ClientException(
+ "Custom Field Id '$t_custom_field_id' not found in Project '$p_project_id'.",
+ ERROR_CUSTOM_FIELD_NOT_FOUND
+ );
+ }
+ $t_def = $t_custom_field_defs[$t_custom_field_id];
 $t_custom_field_values[$t_def['name']] = $t_custom_field['value'];
- continue;
- }
-
- if( isset( $t_custom_field['field']['name'] ) ) {
- $t_name = $fn_normalize_name( $t_custom_field['field']['name'], $t_custom_field_defs );
- $t_custom_field_values[$t_name] = $t_custom_field['value'];
- continue;
 }
-
- throw new ClientException(
- 'Custom field with no specified id or name.',
- ERROR_EMPTY_FIELD,
- "custom_field['field']['id']"
- );
 }
 }
From 94c96ac8818e0d446dd6823bacbb06d48aab825d Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Sun, 2 Feb 2020 22:31:27 +0100
Subject: [PATCH 5/5] Fix undefined index PHP notice If 'name' key is not defined, mci_get_custom_field_id_from_objectref() throws a PHP notice, causing Slim to segfault. Fixes #26542
---
 api/soap/mc_custom_field_api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/api/soap/mc_custom_field_api.php b/api/soap/mc_custom_field_api.php
index 377dfc5acc..394360dfb4 100644
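Review bot: The two new exceptions in the hunk at -674,25 +664,25 answer differently for a field that does not exist (`Invalid Custom Field …`) and for one that exists but is not linked to this project (`Custom Field Id '…' not found in Project '…'`), and the second message hands back the resolved numeric id. The name lookup shown in patch 5, `custom_field_get_id_from_name( $p_object_ref['name'] )`, takes no project argument, so it presumably resolves names across all projects; if so, a caller with access to one project can confirm names and ids of custom fields defined elsewhere. Collapsing both cases into one check with one message closes that: `if( $t_custom_field_id == 0 || !isset( $t_custom_field_defs[$t_custom_field_id] ) ) {`, which also removes the `else` after a `throw`. The enclosing foreach and function start and end outside the hunk.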
--- a/api/soap/mc_custom_field_api.php
+++ b/api/soap/mc_custom_field_api.php
@@ -38,7 +38,7 @@ function mci_get_custom_field_id_from_objectref( stdClass $p_object_ref ) {
 if( isset( $p_object_ref['id'] ) && (int) $p_object_ref['id'] != 0 ) {
 $t_id = (int)$p_object_ref['id'];
 } else {
- if( !is_blank( $p_object_ref['name'] ) ) {
+ if( isset( $p_object_ref['name'] ) && !is_blank( $p_object_ref['name'] ) ) {
 $t_id = custom_field_get_id_from_name( $p_object_ref['name'] );
 } else {
 $t_id = 0;
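Review bot: `isset( $p_object_ref['name'] )` on the changed line only rules out a missing or null key, so a `name` that arrives as a nested array or object in the request still reaches `is_blank()` and `custom_field_get_id_from_name()`. Neither helper is shown here, so how they treat non-strings is unknown; a type check keeps the question from arising: `if( isset( $p_object_ref['name'] ) && is_scalar( $p_object_ref['name'] ) && !is_blank( $p_object_ref['name'] ) ) {`. The first context line has the same gap, since `(int)` applied to a non-empty array yields 1 rather than 0. The function begins before the hunk and continues past its last line.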