[PHPBB3-13376] deregister_globals() does not work correctly when $_COOKIE['GLOBALS'] is specified

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 3.0.12, 3.1.1
Fix Version/s: 3.0.13-RC1, 3.1.2
Component/s: None
Labels:
None

GitHub Pull Request URL:
https://github.com/phpbb/phpbb/pull/3180

Description

When e.g. $_COOKIE['GLOBALS']=1 is sent, the deregister_globals() function calls unset() on $GLOBALS['GLOBALS'] destroying the $GLOBALS array.

This renders the board unusable when register_globals (which was removed in PHP 5.4.0) is set to On.

This was previously reported in https://tracker.phpbb.com/browse/SECURITY-172 but since phpBB does not rely on deregister_globals() but always defines variables on its own, this is not a security issue.

Attachments

Activity

People

Assignee:: Nils Adermann

Reporter:: Andreas Fischer [X] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Nov/14 2:40 PM

Updated:: 22/Jan/17 4:02 PM

Resolved:: 03/Dec/14 12:33 AM