Skip to content

Instantly share code, notes, and snippets.

@insom
Created September 26, 2013 09:56
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save insom/6712120 to your computer and use it in GitHub Desktop.
Pulled the code out of the 1.7.0.2->1.8.0.0 diff, as per http://www.reddit.com/r/Magento/comments/1n4vha/magento_remote_code_execution_in_17/
diff -ru magento-17/app/code/core/Mage/Core/Helper/Cookie.php magento-patched/app/code/core/Mage/Core/Helper/Cookie.php
--- magento-17/app/code/core/Mage/Core/Helper/Cookie.php 2012-07-05 11:49:29.000000000 +0100
+++ magento-patched/app/code/core/Mage/Core/Helper/Cookie.php 2013-09-26 10:52:24.701527319 +0100
@@ -69,7 +69,7 @@
{
$acceptedSaveCookiesWebsites = $this->_getAcceptedSaveCookiesWebsites();
$acceptedSaveCookiesWebsites[Mage::app()->getWebsite()->getId()] = 1;
- return serialize($acceptedSaveCookiesWebsites);
+ return json_encode($acceptedSaveCookiesWebsites);
}
/**
@@ -80,7 +80,7 @@
protected function _getAcceptedSaveCookiesWebsites()
{
$serializedList = Mage::getSingleton('core/cookie')->get(self::IS_USER_ALLOWED_SAVE_COOKIE);
- $unSerializedList = unserialize($serializedList);
+ $unSerializedList = json_decode($serializedList, true);
return is_array($unSerializedList) ? $unSerializedList : array();
}
@insom
Copy link
Author

insom commented Sep 26, 2013

Download the file, change into your public_html folder and apply with:

patch -p1 < fix-magento-vulnerability.diff

@insom
Copy link
Author

insom commented Sep 26, 2013

Or just:

curl https://gist.github.com/insom/6712120/raw/b4e761d19ff5eee4c2fb2a467ca58f6763f9d960/fix-magento-vulnerability.diff | patch -p1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment