[TYPO3-core] RFC: #17289: Form protection tokens get lost because of a race condition when persisting tokens
Helmut Hummel
helmut.hummel at typo3.org
Tue Jan 25 10:44:40 CET 2011
This is an SVN patch request.

Type: Bugfix

Bugtracker references:
http://bugs.typo3.org/view.php?id=17289

Branches:
Trunk

Problem:
If two (or more) scripts are executed (almost) at the same time, both
scripts retrieve the same token array from the session. Both scripts
will create new tokens independently. The script that is executed last
will then overwrite the tokens generated by the first script.

Solution:
Before writing all tokens back to the session we need to retrieve the
current tokens from the session again and lock this for one process only.

How to test:
* Apply the test patch
* Reload the backend
* Go to the file list module and wait until both frames have loaded
* Hover over the help icon in the navigation frame

Note: I added a sleep call in the test patch to force the problem, so do
not wonder that the nav-frame is loading slower ;)
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17289_testing_only.diff
Type: text/x-patch
Size: 5653 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110125/8eb7318a/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17289.diff
Type: text/x-patch
Size: 4609 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110125/8eb7318a/attachment-0003.bin>
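
The lost update and the lock-and-re-read fix described in the message above, as an added example (PHP 8). It is not the attached patch and not TYPO3 code: the FormTokens class, its methods and the JSON file standing in for the session are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed model: a JSON file stands in for the backend user session.
final class FormTokens {
    private array $snapshot;      // tokens as read at the start of the request
    private array $created = [];  // tokens generated by this request only

    public function __construct(private string $file) {
        $this->snapshot = json_decode((string) @file_get_contents($file), true) ?: [];
    }

    public function generate(string $form): void {
        $this->created[bin2hex(random_bytes(16))] = $form;
    }

    // Racy: writes back the stale snapshot plus this request's tokens.
    public function persistRacy(): void {
        file_put_contents($this->file, json_encode($this->snapshot + $this->created));
    }

    // Fixed: exclusive lock, re-read the current tokens, merge, then write.
    public function persistLocked(): void {
        $fh = fopen($this->file, 'c+');
        flock($fh, LOCK_EX);                       // one process at a time
        $current = json_decode((string) stream_get_contents($fh), true) ?: [];
        ftruncate($fh, 0);
        rewind($fh);
        fwrite($fh, json_encode($current + $this->created));
        fflush($fh);
        flock($fh, LOCK_UN);
        fclose($fh);
    }
}

// Two requests load the same token array, each adds a token, then both persist.
function simulate(string $method): int {
    $file = tempnam(sys_get_temp_dir(), 'tok');
    file_put_contents($file, '{}');
    $a = new FormTokens($file);
    $b = new FormTokens($file);
    $a->generate('fileList');
    $b->generate('contextHelp');
    $a->$method();
    $b->$method();                // the later write decides what survives
    $left = count(json_decode(file_get_contents($file), true));
    unlink($file);
    return $left;
}

echo 'racy:   ', simulate('persistRacy'), " token(s) survive\n";
echo 'locked: ', simulate('persistLocked'), " token(s) survive\n";
```

With the racy write, the first request's token is missing from the session, so a form submitted with it would fail validation; with the locked write both tokens are present.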