Permalink
Browse files

[ZF-11839] fixed security problem (possible password disclosure)

  • Loading branch information...
1 parent 671ba15 commit 28ff442f716b15eb25d1542805aafaeb0ca9f13f @sgehrig sgehrig committed Oct 24, 2011
Showing with 1 addition and 1 deletion.
  1. +1 −1 library/Zend/Authentication/Adapter/Ldap.php
@@ -365,7 +365,7 @@ public function authenticate()
} else {
$line = $zle->getLine();
$messages[] = $zle->getFile() . "($line): " . $zle->getMessage();
- $messages[] = str_replace($password, '*****', $zle->getTraceAsString());
+ $messages[] = preg_replace('/\b'.preg_quote($password, '/').'\b/', '*****', $zle->getTraceAsString());
$messages[0] = 'An unexpected failure occurred';
}
$messages[1] = $zle->getMessage();

0 comments on commit 28ff442

Please sign in to comment.