Created
March 28, 2018 19:30
-
-
Save vidhyashekar/016bc1d8f31c8b8828d85e64d1fabe61 to your computer and use it in GitHub Desktop.
changelog
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/CHANGELOG.txt b/CHANGELOG.txt | |
index 90df08960a..799b80036b 100644 | |
--- a/CHANGELOG.txt | |
+++ b/CHANGELOG.txt | |
@@ -1,4 +1,8 @@ | |
+Drupal 7.58, 2018-03-28 | |
+----------------------- | |
+- Fixed security issues (multiple vulnerabilities). See SA-CORE-2018-002. | |
+ | |
Drupal 7.57, 2018-02-21 | |
----------------------- | |
- Fixed security issues (multiple vulnerabilities). See SA-CORE-2018-001. | |
diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc | |
index 655db6d63e..06acf935e0 100644 | |
--- a/includes/bootstrap.inc | |
+++ b/includes/bootstrap.inc | |
@@ -8,7 +8,7 @@ | |
/** | |
* The current system version. | |
*/ | |
-define('VERSION', '7.57'); | |
+define('VERSION', '7.58'); | |
/** | |
* Core API compatibility. | |
@@ -2632,6 +2632,10 @@ function _drupal_bootstrap_configuration() { | |
timer_start('page'); | |
// Initialize the configuration, including variables from settings.php. | |
drupal_settings_initialize(); | |
+ | |
+ // Sanitize unsafe keys from the request. | |
+ require_once DRUPAL_ROOT . '/includes/request-sanitizer.inc'; | |
+ DrupalRequestSanitizer::sanitize(); | |
} | |
/** | |
diff --git a/includes/request-sanitizer.inc b/includes/request-sanitizer.inc | |
new file mode 100644 | |
index 0000000000..1daa6b5348 | |
--- /dev/null | |
+++ b/includes/request-sanitizer.inc | |
@@ -0,0 +1,82 @@ | |
+<?php | |
+ | |
+/** | |
+ * @file | |
+ * Contains code for sanitizing user input from the request. | |
+ */ | |
+ | |
+/** | |
+ * Sanitizes user input from the request. | |
+ */ | |
+class DrupalRequestSanitizer { | |
+ | |
+ /** | |
+ * Tracks whether the request was already sanitized. | |
+ */ | |
+ protected static $sanitized = FALSE; | |
+ | |
+ /** | |
+ * Modifies the request to strip dangerous keys from user input. | |
+ */ | |
+ public static function sanitize() { | |
+ if (!self::$sanitized) { | |
+ $whitelist = variable_get('sanitize_input_whitelist', array()); | |
+ $log_sanitized_keys = variable_get('sanitize_input_logging', FALSE); | |
+ | |
+ // Process query string parameters. | |
+ $get_sanitized_keys = array(); | |
+ $_GET = self::stripDangerousValues($_GET, $whitelist, $get_sanitized_keys); | |
+ if ($log_sanitized_keys && $get_sanitized_keys) { | |
+ _drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from query string parameters (GET): @keys', array('@keys' => implode(', ', $get_sanitized_keys))), E_USER_NOTICE); | |
+ } | |
+ | |
+ // Process request body parameters. | |
+ $post_sanitized_keys = array(); | |
+ $_POST = self::stripDangerousValues($_POST, $whitelist, $post_sanitized_keys); | |
+ if ($log_sanitized_keys && $post_sanitized_keys) { | |
+ _drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from request body parameters (POST): @keys', array('@keys' => implode(', ', $post_sanitized_keys))), E_USER_NOTICE); | |
+ } | |
+ | |
+ // Process cookie parameters. | |
+ $cookie_sanitized_keys = array(); | |
+ $_COOKIE = self::stripDangerousValues($_COOKIE, $whitelist, $cookie_sanitized_keys); | |
+ if ($log_sanitized_keys && $cookie_sanitized_keys) { | |
+ _drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from cookie parameters (COOKIE): @keys', array('@keys' => implode(', ', $cookie_sanitized_keys))), E_USER_NOTICE); | |
+ } | |
+ | |
+ $request_sanitized_keys = array(); | |
+ $_REQUEST = self::stripDangerousValues($_REQUEST, $whitelist, $request_sanitized_keys); | |
+ | |
+ self::$sanitized = TRUE; | |
+ } | |
+ } | |
+ | |
+ /** | |
+ * Strips dangerous keys from the provided input. | |
+ * | |
+ * @param mixed $input | |
+ * The input to sanitize. | |
+ * @param string[] $whitelist | |
+ * An array of keys to whitelist as safe. | |
+ * @param string[] $sanitized_keys | |
+ * An array of keys that have been removed. | |
+ * | |
+ * @return mixed | |
+ * The sanitized input. | |
+ */ | |
+ protected static function stripDangerousValues($input, array $whitelist, array &$sanitized_keys) { | |
+ if (is_array($input)) { | |
+ foreach ($input as $key => $value) { | |
+ if ($key !== '' && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) { | |
+ unset($input[$key]); | |
+ $sanitized_keys[] = $key; | |
+ } | |
+ else { | |
+ $input[$key] = self::stripDangerousValues($input[$key], $whitelist, $sanitized_keys); | |
+ } | |
+ } | |
+ } | |
+ return $input; | |
+ } | |
+ | |
+} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment