mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-03 07:18:08 +02:00
Code Issues Releases Wiki Activity

[ticket/13765] Verify SERVER_PROTOCOL has the expected format before using it.

Browse Source 
PHPBB3-13765
This commit is contained in:
Joas Schilling
2015-04-11 17:43:06 +02:00
committed by Andreas Fischer
parent 35d2467c94
commit 463c62df18
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions.php
View File

@@ -2782,7 +2782,7 @@ function send_status_line($code, $message)
} }
else else
{ {
if (!empty($_SERVER['SERVER_PROTOCOL'])) if (!empty($_SERVER['SERVER_PROTOCOL']) && is_string($_SERVER['SERVER_PROTOCOL']) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $_SERVER['SERVER_PROTOCOL']))
{ {
$version = $_SERVER['SERVER_PROTOCOL']; $version = $_SERVER['SERVER_PROTOCOL'];
} }

2
phpBB/includes/startup.php
View File

@@ -130,7 +130,7 @@ if (phpbb_has_trailing_path($phpEx))
{ {
$prefix = 'Status:'; $prefix = 'Status:';
} }
else if (!empty($_SERVER['SERVER_PROTOCOL'])) else if (!empty($_SERVER['SERVER_PROTOCOL']) && is_string($_SERVER['SERVER_PROTOCOL']) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $_SERVER['SERVER_PROTOCOL']))
{ {
$prefix = $_SERVER['SERVER_PROTOCOL']; $prefix = $_SERVER['SERVER_PROTOCOL'];
} }