[TYPO3-core] FYI72 #15936: Bug: [Caching framework] Entry identifier needs to be sanitized in FileBackend
Ernesto Baschny [cron IT]
ernst at cron-it.de
Fri Oct 8 15:57:57 CEST 2010
Christian Kuhn schrieb am 08.10.2010 15:38:
> The following patch will be committed in 72 hours if nobody objects.
>
> Type: Bugfix, FLOW3 backport
>
> BT: http://bugs.typo3.org/view.php?id=15936
>
> Branches: trunk, 4.4
>
> Problem:
> Currently the entry identifier is not checked at all in FileBackend.
>
> Solution:
> Throw exceptions if identifier contains path segments.
>
> Notes:
> - This is the v4 backport of [1], which was committed to FLOW3 in svn
> rev. 4998 / git 12e086800f37429cf85fdc694e07b49054c16cbc
> - Not a problem in 4.3, all identifiers are sha1()'d there
> - Not a problem with current core usage as all identifiers are hashes
> anyway.
>
> [1] http://forge.typo3.org/issues/9357
Christian, many thanks for keeping up-to-date with the FLOW3 development
on that area!
Cheers,
Ernesto
More information about the TYPO3-team-core
mailing list