mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 03:18:26 +00:00
Merge pull request #9838 from cakephp/issue-9779
Fix CookieComponent erroring on corrupted data.
This commit is contained in:
Mark Story
GitHub
commit
9e6e08704e
2 changed files with 56 additions and 3 deletions
|
|
@ -283,8 +283,11 @@ class CookieComponent extends Component {
|
|||
return null;
|
||||
}
|
||||
|
||||
if (!empty($names[1]) && is_array($this->_values[$this->name][$key])) {
|
||||
return Hash::get($this->_values[$this->name][$key], $names[1]);
|
||||
if (!empty($names[1])) {
|
||||
if (is_array($this->_values[$this->name][$key])) {
|
||||
return Hash::get($this->_values[$this->name][$key], $names[1]);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
return $this->_values[$this->name][$key];
|
||||
}
|
||||
|
|
@ -336,7 +339,7 @@ class CookieComponent extends Component {
|
|||
return;
|
||||
}
|
||||
$names = explode('.', $key, 2);
|
||||
if (isset($this->_values[$this->name][$names[0]])) {
|
||||
if (isset($this->_values[$this->name][$names[0]]) && is_array($this->_values[$this->name][$names[0]])) {
|
||||
$this->_values[$this->name][$names[0]] = Hash::remove($this->_values[$this->name][$names[0]], $names[1]);
|
||||
}
|
||||
$this->_delete('[' . implode('][', $names) . ']');
|
||||
|
|
|
|||
|
|
@ -153,6 +153,24 @@ class CookieComponentTest extends CakeTestCase {
|
|||
$this->assertEquals($expected, $data);
|
||||
}
|
||||
|
||||
/**
|
||||
* test read operations on corrupted cookie data.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function testReadCorruptedCookieData() {
|
||||
$this->Cookie->type('aes');
|
||||
$this->Cookie->key = sha1('some bad key');
|
||||
|
||||
$data = $this->_implode(array('name' => 'jill', 'age' => 24));
|
||||
// Corrupt the cookie data by slicing some bytes off.
|
||||
$_COOKIE['CakeTestCookie'] = array(
|
||||
'BadData' => substr(Security::encrypt($data, $this->Cookie->key), 0, -5)
|
||||
);
|
||||
$this->assertFalse($this->Cookie->check('BadData.name'), 'Key does not exist');
|
||||
$this->assertNull($this->Cookie->read('BadData.name'), 'Key does not exist');
|
||||
}
|
||||
|
||||
/**
|
||||
* testReadPlainCookieData
|
||||
*
|
||||
|
|
@ -169,6 +187,19 @@ class CookieComponentTest extends CakeTestCase {
|
|||
$this->assertEquals($expected, $data);
|
||||
}
|
||||
|
||||
/**
|
||||
* test read array keys from string data.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function testReadNestedDataFromStrings() {
|
||||
$_COOKIE['CakeTestCookie'] = array(
|
||||
'User' => 'bad data'
|
||||
);
|
||||
$this->assertFalse($this->Cookie->check('User.name'), 'No key');
|
||||
$this->assertNull($this->Cookie->read('User.name'), 'No key');
|
||||
}
|
||||
|
||||
/**
|
||||
* test read() after switching the cookie name.
|
||||
*
|
||||
|
|
@ -451,6 +482,25 @@ class CookieComponentTest extends CakeTestCase {
|
|||
$this->assertNull($data);
|
||||
}
|
||||
|
||||
/**
|
||||
* test delete() on corrupted/truncated cookie data.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function testDeleteCorruptedCookieData() {
|
||||
$this->Cookie->type('aes');
|
||||
$this->Cookie->key = sha1('some bad key');
|
||||
|
||||
$data = $this->_implode(array('name' => 'jill', 'age' => 24));
|
||||
// Corrupt the cookie data by slicing some bytes off.
|
||||
$_COOKIE['CakeTestCookie'] = array(
|
||||
'BadData' => substr(Security::encrypt($data, $this->Cookie->key), 0, -5)
|
||||
);
|
||||
|
||||
$this->assertNull($this->Cookie->delete('BadData.name'));
|
||||
$this->assertNull($this->Cookie->read('BadData.name'));
|
||||
}
|
||||
|
||||
/**
|
||||
* testReadingCookieArray
|
||||
*
|
||||
|
|
|
|||
Loading…
Reference in a new issue