

DDC-1500 - Fix potential security problem in EntityRepository ORDER BY orientations
commit 135e515e7f57a832c52802f42247dbefe974f855 1 parent 7ca43b7
Benjamin Eberlei beberlei authored
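--- a/lib/Doctrine/ORM/ORMException.php
+++ b/lib/Doctrine/ORM/ORMException.php
@@ -59,6 +59,15 @@ public static function unrecognizedField($field)
 return new self("Unrecognized field: $field");
 }
+ /**
+ * @param string $className
+ * @param string $field
+ */
+ public static function invalidOrientation($className, $field)
+ {
+ return new self("Invalid order by orientation specified for " . $className . "#" . $field);
+ }
+
 public static function invalidFlushMode($mode)
 {
 return new self("'$mode' is an invalid flush mode.");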
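Review bot: The docblock on the new `invalidOrientation` factory lists both parameters but omits the return type; like the neighbouring factories it constructs and returns the exception, so `* @return ORMException` (or `self`) would complete it. The message concatenates `$className` and `$field` verbatim, which is fine for an exception string that is only logged, but worth keeping in mind should this text ever be surfaced to end users, since the field name originates from caller-supplied ORDER BY keys.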
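--- a/lib/Doctrine/ORM/Persisters/BasicEntityPersister.php
+++ b/lib/Doctrine/ORM/Persisters/BasicEntityPersister.php
@@ -906,7 +906,6 @@ protected function _getSelectEntitiesSQL(array $criteria, $assoc = null, $lockMo
 * @param array $orderBy
 * @param string $baseTableAlias
 * @return string
- * @todo Rename: _getOrderBySQL
 */
 protected final function _getOrderBySQL(array $orderBy, $baseTableAlias)
 {
@@ -917,6 +916,11 @@ protected function _getSelectEntitiesSQL(array $criteria, $assoc = null, $lockMo
 throw ORMException::unrecognizedField($fieldName);
 }
+ $orientation = strtoupper(trim($orientation));
+ if ($orientation != 'ASC' && $orientation != 'DESC') {
+ throw ORMException::invalidOrientation($this->_class->name, $fieldName);
+ }
+
 $tableAlias = isset($this->_class->fieldMappings[$fieldName]['inherited']) ?
 $this->_getSQLTableAlias($this->_class->fieldMappings[$fieldName]['inherited'])
 : $baseTableAlias;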
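Review bot: The allow-list check added ahead of `$tableAlias` uses loose `!=`; because `trim()`/`strtoupper()` have just coerced `$orientation` to a string the comparison is safe today, but strict `!==` states that intent and survives a refactor that drops the normalisation: `if ($orientation !== 'ASC' && $orientation !== 'DESC') {`. The normalised value is assigned back to `$orientation`, so the ORDER BY assembly that presumably follows should pick up the validated form rather than the caller's raw input — that downstream use, the enclosing foreach and the rest of `_getOrderBySQL` lie outside the hunk, so please confirm no other copy of the original value is still read. A one-line comment such as `// Allow-list the orientation: it is spliced into SQL unquoted, so only ASC/DESC may pass` would record why the check exists for future maintainers.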
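--- a/tests/Doctrine/Tests/ORM/Functional/EntityRepositoryTest.php
+++ b/tests/Doctrine/Tests/ORM/Functional/EntityRepositoryTest.php
@@ -491,5 +491,15 @@ public function testSetDefaultRepositoryInvalidClassError()
 $this->_em->getConfiguration()->setDefaultRepositoryClassName("Doctrine\Tests\Models\DDC753\DDC753InvalidRepository");
 }
+ /**
+ * @group DDC-1500
+ */
+ public function testInvalidOrientation()
+ {
+ $this->setExpectedException('Doctrine\ORM\ORMException', 'Invalid order by orientation specified for Doctrine\Tests\Models\CMS\CmsUser#username');
+
+ $repo = $this->_em->getRepository('Doctrine\Tests\Models\CMS\CmsUser');
+ $repo->findBy(array('status' => 'test'), array('username' => 'INVALID'));
+ }
 }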
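Review bot: `testInvalidOrientation` pins only the rejection path; nothing asserts that the new normalisation in `_getOrderBySQL` still accepts the inputs it is meant to, so a regression that over-rejects `'asc'` or `' desc '` would pass this suite unnoticed. A companion case such as `$repo->findBy(array('status' => 'test'), array('username' => 'desc'));` with no expected exception would cover the accept side. The test also relies on the exact exception message, so any rewording of `ORMException::invalidOrientation` will break it — acceptable, but worth a short comment noting the coupling.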