Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
SA-CORE-2018-002 - Drupal 5 patch
diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc
index 5b2e5ab..b2e00ab 100644
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -911,6 +911,7 @@ function _drupal_bootstrap($phase) {
drupal_unset_globals();
// Initialize the configuration
conf_init();
+ _drupal_bootstrap_sanitize_request();
break;
case DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE:
@@ -1024,3 +1025,57 @@ function get_t() {
}
return $t;
}
+
+/**
+ * Sanitizes unsafe keys from the request.
+ */
+function _drupal_bootstrap_sanitize_request() {
+ global $conf;
+ static $sanitized;
+
+ if (!$sanitized) {
+ // Ensure the whitelist array exists.
+ if (!isset($conf['sanitize_input_whitelist']) || !is_array($conf['sanitize_input_whitelist'])) {
+ $conf['sanitize_input_whitelist'] = array();
+ }
+
+ $sanitized_keys = _drupal_bootstrap_sanitize_input($_GET, $conf['sanitize_input_whitelist']);
+ $sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_POST, $conf['sanitize_input_whitelist']));
+ $sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_REQUEST, $conf['sanitize_input_whitelist']));
+ $sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_COOKIE, $conf['sanitize_input_whitelist']));
+ $sanitized_keys = array_unique($sanitized_keys);
+
+ if (count($sanitized_keys) && !empty($conf['sanitize_input_logging'])) {
+ trigger_error(check_plain(sprintf('Potentially unsafe keys removed from request parameters: %s', implode(', ', $sanitized_keys)), E_USER_WARNING));
+ }
+
+ $sanitized = TRUE;
+ }
+}
+
+/**
+ * Sanitizes unsafe keys from user input.
+ *
+ * @param mixed $input
+ * Input to sanitize.
+ * @param array $whitelist
+ * Whitelist of values.
+ * @return array
+ */
+function _drupal_bootstrap_sanitize_input(&$input, $whitelist = array()) {
+ $sanitized_keys = array();
+
+ if (is_array($input)) {
+ foreach ($input as $key => $value) {
+ if ($key !== '' && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) {
+ unset($input[$key]);
+ $sanitized_keys[] = $key;
+ }
+ elseif (is_array($input[$key])) {
+ $sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($input[$key], $whitelist));
+ }
+ }
+ }
+
+ return $sanitized_keys;
+}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.