[PHPBB3-17032] Missing or invalid user entry for anonymous user may result in stack overflow

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.8
Fix Version/s: 3.3.9-RC1
Component/s: None
Labels:
None

Description

The user_loader's get_user() method does try to fall back to the anonymous user if a certain user couldn't be loaded. It does so by calling itself:

https://github.com/phpbb/phpbb/blob/master/phpBB/phpbb/user_loader.php#L138

According to the docblock, it should return "False if the anonymous user was not loaded". That is however not true. When the anonymous user was not loaded, it will try loading the anonymous user and call itself again to return the user data. However, in cases where the anonymous user's data couldn't be retrieved, it'll just continue calling itself.

This then results in a stack overflow and a segmentation fault for PHP.

Attachments

Activity

People

Assignee:: Marc

Reporter:: Marc

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 08/Sep/22 7:49 PM

Updated:: 11/Sep/22 5:32 AM

Resolved:: 09/Sep/22 5:15 AM