Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-16348

user_ban double free of $result when banning a non-existent or disallowed username on command line

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 3.2.10-RC1, 3.3.1-RC1
    • 3.2.9, 3.3.0
    • Other

      In the global user_ban function, if an attempt is made to ban a username and that username is not valid or it is filtered due to being a founder type account, the code will call to trigger_error('NO_USERS', E_USER_WARNING). Under non-cli SAPI the E_USER_WARNING will happen to cause PHP to exit early, but on the cli SAPI this is not so, which means this code path on the command line makes two calls to $db->sql_freeresult($result).

      The call to $db->sql_freeresult($result) at https://github.com/phpbb/phpbb/blob/3bb2edd53de2e1b6e9b23099c21e72cd6063c1a4/phpBB/includes/functions_user.php#L1054 should simply be moved up into the if-statement’s consequent block.

            Marc Marc
            Snover Snover [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: