
Commit 1ac863c

committed
bug #4611 [security] DOS attack with long passwords
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
1 parent 9b2479b commit 1ac863c


4 files changed

+25
-0
lines changed


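--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@ phpMyAdmin - ChangeLog
 
 4.2.13.1 (not yet released)
 - bug #4612 [security] XSS vulnerability in redirection mechanism
+- bug #4611 [security] DOS attack with long passwords
 
 4.2.13.0 (2014-11-30)
 - bug #4604 Query history not being deleted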

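--- a/libraries/common.inc.php
+++ b/libraries/common.inc.php
@@ -859,6 +859,9 @@
 . ' ' . $cfg['Server']['auth_type']
 );
 }
+if (isset($_REQUEST['pma_password'])) {
+$_REQUEST['pma_password'] = substr($_REQUEST['pma_password'], 0, 256);
+}
 include_once './libraries/plugins/auth/' . $auth_class . '.class.php';
 // todo: add plugin manager
 $plugin_manager = null;
@@ -988,6 +991,8 @@
 $controllink = $userlink;
 }
 
+$auth_plugin->storeUserCredentials();
+
 /* Log success */
 PMA_logUser($cfg['Server']['user']);
 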
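Review bot: The new `substr()` on `$_REQUEST['pma_password']` at line 863 assumes the value is a string, but a request can send `pma_password[]=x`, for which `isset()` is true while `substr()` on an array emits a warning and yields null (a TypeError on PHP 8); guard it with `if (isset($_REQUEST['pma_password']) && is_string($_REQUEST['pma_password'])) {`. The 256 limit is an unexplained magic number and a byte count (it can cut a multibyte UTF-8 password mid-character), so a named constant with a comment such as `// Cap password length before the auth plugin processes it; unbounded input made the cookie encryption a DoS vector (bug #4611)` would record the intent. Truncation is silent, so a longer password presumably just fails MySQL authentication, which is acceptable for the DoS fix but worth stating; note also that the cap only covers plugins that read `$_REQUEST['pma_password']`, so any plugin reading `$_POST` directly should be confirmed to go through this path. The second hunk's `storeUserCredentials()` call sits in code that starts and ends outside the hunk.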

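--- a/libraries/plugins/AuthenticationPlugin.class.php
+++ b/libraries/plugins/AuthenticationPlugin.class.php
@@ -41,6 +41,15 @@ abstract public function authCheck();
 */
 abstract public function authSetUser();
 
+/**
+* Stores user credentials after successful login.
+*
+* @return void
+*/
+public function storeUserCredentials()
+{
+}
+
 /**
 * User is not allowed to login to MySQL -> authentication failed
 *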
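Review bot: The docblock on the new `storeUserCredentials()` hook does not say that the base implementation is intentionally a no-op nor at what point the caller invokes it, and that ordering is the security-relevant part of this change; suggest expanding it to something like `Hook invoked only after the MySQL connection has succeeded. Plugins that persist credentials (the cookie plugin, presumably in encrypted form) should do so here rather than in authSetUser(), so no expensive work is done for unauthenticated requests. The default implementation does nothing.` Keeping the method non-abstract is what lets existing third-party auth plugins still load, which is worth stating explicitly so nobody later "tightens" it into an abstract method. The enclosing abstract class starts and ends outside the hunk.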

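--- a/libraries/plugins/auth/AuthenticationCookie.class.php
+++ b/libraries/plugins/auth/AuthenticationCookie.class.php
@@ -557,6 +557,16 @@ public function authSetUser()
 unset($_SERVER['PHP_AUTH_PW']);
 
 $_SESSION['last_access_time'] = time();
+}
+
+/**
+* Stores user credentials after successful login.
+*
+* @return void
+*/
+public function storeUserCredentials()
+{
+global $cfg;
 
 $this->createBlowfishIV();
 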
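Review bot: The tail of `authSetUser()` from `$this->createBlowfishIV()` onward has been moved into the new `storeUserCredentials()`, so any code path that calls `authSetUser()` without also calling the new hook will presumably no longer persist the login cookie; the call site in common.inc.php is the only one this commit adds, so other callers, if any, should be checked before merging. The docblock should also state why the split exists, since that is the DoS fix: `Called only after the MySQL login succeeded, so the cookie encryption cost is never paid for a failed or anonymous login attempt (bug #4611).` The new method also reaches for `global $cfg;`, which is consistent with the file's style but makes the dependency invisible at the call site; a `@global array $cfg` tag in the docblock would at least document it. The method body continues past the end of the hunk.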
