
security fix in application - Prevent creating an object from any controller name matched by the router
1 parent 4ee64b9 commit fe14630b7b92fbc818247bbf4d85f566f9de7e21 @vahid-sohrabloo committed Feb 12, 2012
Showing with 27 additions and 9 deletions.
  1. +27 −9 library/Zend/Mvc/Application.php
36 library/Zend/Mvc/Application.php
@@ -261,15 +261,13 @@ public function dispatch(MvcEvent $e)
$routeMatch = $e->getRouteMatch();
$controllerName = $routeMatch->getParam('controller', 'not-found');
-
- try {
- $controller = $locator->get($controllerName);
- } catch (ClassNotFoundException $exception) {
+ $im=$locator->instanceManager();
+ if(!$im->hasAlias($controllerName))
+ {
+
$error = clone $e;
$error->setError(static::ERROR_CONTROLLER_NOT_FOUND)
- ->setController($controllerName)
- ->setParam('exception', $exception);
-
+ ->setController($controllerName);
$results = $events->trigger('dispatch.error', $error);
if (count($results)) {
$return = $results->last();
@@ -279,11 +277,14 @@ public function dispatch(MvcEvent $e)
goto complete;
}
- if (!$controller instanceof Dispatchable) {
+ $controllerClass=$im->getClassFromAlias($controllerName);
+ $reflection = new \ReflectionClass($controllerClass);
+ if(!$reflection->implementsInterface('Zend\Stdlib\Dispatchable'))
+ {
$error = clone $e;
$error->setError(static::ERROR_CONTROLLER_INVALID)
->setController($controllerName)
- ->setControllerClass(get_class($controller));
+ ->setControllerClass($controllerClass);
$results = $events->trigger('dispatch.error', $error);
if (count($results)) {
@@ -293,6 +294,23 @@ public function dispatch(MvcEvent $e)
}
goto complete;
}
+
+ try {
+ $controller = $locator->get($controllerName);
+ } catch (ClassNotFoundException $exception) {
+ $error = clone $e;
+ $error->setError(static::ERROR_CONTROLLER_NOT_FOUND)
+ ->setController($controllerName)
+ ->setParam('exception', $exception);
+
+ $results = $events->trigger('dispatch.error', $error);
+ if (count($results)) {
+ $return = $results->last();
+ } else {
+ $return = $error->getParams();
+ }
+ goto complete;
+ }
if ($controller instanceof LocatorAware) {
$controller->setLocator($locator);
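Review bot: The runtime `instanceof Dispatchable` check on the controller object itself is gone — the third hunk calls `$locator->get($controllerName)` and proceeds straight to the `LocatorAware` check, while the second hunk only inspects the class recorded for the alias via reflection, so if the instance manager hands back a pre-registered instance or a factory product for that alias, the object is never verified before dispatch; keeping the removed `if (!$controller instanceof Dispatchable)` branch after the `get()` call in the third hunk would close that gap. Separately, `new \ReflectionClass($controllerClass)` in the second hunk throws `\ReflectionException` when the aliased class cannot be loaded and nothing catches it, so a misconfigured alias becomes an uncaught exception rather than a `dispatch.error` event; catching it and reusing the `ERROR_CONTROLLER_NOT_FOUND` branch would keep the error handling consistent. The new lines also diverge from the surrounding style: `$im=$locator->instanceManager();` and `if(!$im->hasAlias($controllerName))` omit spaces and put the brace on its own line, unlike `if (count($results)) {` in the same method. dispatch() starts before the first hunk and continues past the last one.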
