
MDL-21802 backporting patch for vulnerability in CAS client library

1 parent f2c3640 commit 1a74d63f8a71bd6812cd2b4d055d28ae45959b07 @skodak skodak committed Mar 24, 2010
Showing with 22 additions and 27 deletions.
  1. +15 −27 auth/cas/CAS/client.php
  2. +7 −0 auth/cas/CAS/readme_moodle.txt
@@ -5984,33 +5984,21 @@ function getURL()
-
-
- $final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
-
-
- $cgi_params = '?'.strtok("?");
-
-
- // remove the ticket if present in the CGI parameters
-
-
- $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
-
-
- $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
-
-
- $cgi_params = preg_replace('/\?%26/','?',$cgi_params);
-
-
- $cgi_params = preg_replace('/\?&/','?',$cgi_params);
-
-
- $cgi_params = preg_replace('/\?$/','',$cgi_params);
-
-
- $final_uri .= $cgi_params;
+ $baseurl = split("\?", $_SERVER['REQUEST_URI'], 2);
+ $final_uri .= $baseurl[0];
+ $query_string = '';
+ if ($_GET) {
+ $kv = array();
+ foreach ($_GET as $key => $value) {
+ if($key !== "ticket"){
+ $kv[] = urlencode($key). "=" . urlencode($value);
+ }
+ }
+ $query_string = join("&", $kv);
+ }
+ if($query_string){
+ $final_uri .= "?" . $query_string;
+ }
$this->setURL($final_uri);
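Review bot: The rebuilt query string on the new side still has two gaps: `split()` on the first added line is the deprecated POSIX-regex function (E_DEPRECATED since PHP 5.3, removed in 7), and `urlencode($value)` inside the foreach warns and yields an empty value whenever a `$_GET` entry is an array (`?a[]=1`), so such parameters are silently mangled in the service URL that is later validated against the ticket. Both are covered by `$baseurl = explode('?', $_SERVER['REQUEST_URI'], 2);` and replacing the loop with `$query_string = http_build_query(array_diff_key($_GET, array('ticket' => 1)), '', '&');`, which encodes nested arrays, drops the ticket and uses the same RFC 1738 encoding as urlencode(). Note that PHP normalises some key characters (e.g. `.` and space become `_`) when it populates `$_GET`, so the regenerated URL can differ from the raw REQUEST_URI; that is acceptable only because login and validation both go through this same function, which is worth a one-line comment above the `if ($_GET)` block. getURL() starts and ends outside this hunk.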
@@ -0,0 +1,7 @@
+PHP CAS library import
+
+List of changes:
+1/ backported fix for: http://www.ja-sig.org/issues/browse/PHPCAS-52 (MDL-21802)
+
+
+skodak

