phpBB3 / PHPBB3-13376

deregister_globals() does not work correctly when $_COOKIE['GLOBALS'] is specified

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.0.12, 3.1.1
    • Fix Version/s: 3.0.13-RC1, 3.1.2
    • Component/s: None
    • Labels: None

      Description

      When e.g. $_COOKIE['GLOBALS']=1 is sent, the deregister_globals() function calls unset() on $GLOBALS['GLOBALS'], destroying the $GLOBALS array.

      This renders the board unusable when register_globals (which was removed in PHP 5.4.0) is set to On.

      This was previously reported in https://tracker.phpbb.com/browse/SECURITY-172 but since phpBB does not rely on deregister_globals() but always defines variables on its own, this is not a security issue.

        Activity

        bantu Andreas Fischer added a comment -

        Considering that register_globals is supposed to be Off and was removed in PHP 5.4.0, we should just also exit when $_COOKIE['GLOBALS'] is set instead of trying to handle that.
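
The guard proposed in the comment above, as an added example that is not phpBB's own deregister_globals() code: every request-controlled source is checked for reserved names first, and nothing is unset if any source, including the cookie array, carries one. The function names, the reserved-name list and the sample requests are assumptions made for this sketch; the sources are passed in as plain arrays so it runs without register_globals.

```php
<?php
// Added illustration, not phpBB code. All names below are hypothetical.

// Return "source[key]" for every reserved name found as a top-level input key.
function find_reserved_input_keys(array $sources, array $reserved)
{
    $hits = array();
    foreach ($sources as $label => $data) {
        if (!is_array($data)) {
            continue; // e.g. a session array that was never initialised
        }
        foreach (array_keys($data) as $key) {
            // Numeric-looking keys are stored as ints, so compare as strings.
            if (in_array((string) $key, $reserved, true)) {
                $hits[] = $label . '[' . $key . ']';
            }
        }
    }
    return $hits;
}

// Names that may be removed from the global scope, or null when the request
// must be rejected before any unset() is attempted.
function globals_to_unset(array $sources, array $reserved)
{
    if (find_reserved_input_keys($sources, $reserved)) {
        return null; // caller exits here, for cookies as for any other source
    }
    $names = array();
    foreach ($sources as $data) {
        if (is_array($data)) {
            $names = array_merge($names, array_keys($data));
        }
    }
    return array_values(array_unique($names));
}

$reserved = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST',
    '_SERVER', '_SESSION', '_ENV', '_FILES');

// Constructed sample requests.
$benign  = array('_GET' => array('f' => '2', 't' => '10'), '_COOKIE' => array('sid' => 'abc'));
$hostile = array('_GET' => array('f' => '2'), '_COOKIE' => array('GLOBALS' => '1'));

var_dump(globals_to_unset($benign, $reserved));
var_dump(globals_to_unset($hostile, $reserved));
var_dump(find_reserved_input_keys($hostile, $reserved));
```

Deciding before the unset loop starts means a reserved key can never reach unset($GLOBALS[...]), whichever source it arrived in.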


          People

          • Assignee: naderman Nils Adermann
          • Reporter: bantu Andreas Fischer