From 7880de802f69a58f2a7d7090944db394469bcda7 Mon Sep 17 00:00:00 2001
From: "Byron Jones ‹:glob›"
Date: Wed, 25 Nov 2015 09:22:06 -0500
Subject: Bug 1227866 - infinite loop consuming resources when PATH_INFO set
---
 Bugzilla/CGI.pm | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
(limited to 'Bugzilla')
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 4deb5aa52..d24722fcc 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -375,7 +375,7 @@ sub header {
 # To initiate github login, a form POSTs to github.cgi with the
 # github_secret as a parameter. It must match the github_secret cookie.
 # this prevents some types of redirection attacks.
- unless ($user->id) {
+ unless ($user->id || $self->{bz_redirecting}) {
 $self->send_cookie(-name => 'github_secret',
 -value => Bugzilla->github_secret,
 -httponly => 1);
@@ -524,6 +524,14 @@ sub remove_cookie {
 '-value' => 'X');
 }
 
+# To avoid infinite redirection recursion, track when we're within a redirect
+# request.
+sub redirect {
+ my $self = shift;
+ $self->{bz_redirecting} = 1;
+ return $self->SUPER::redirect(@_);
+}
+
 # This helps implement Bugzilla::Search::Recent, and also shortens search
 # URLs that get POSTed to buglist.cgi.
 sub redirect_search_url {
-- 
cgit v1.2.3-24-g4f1b
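Review bot: The comment above the `unless` in `header` still describes only the GitHub login flow, so the new `$self->{bz_redirecting}` term reads as an unexplained exception to a control that "prevents some types of redirection attacks". A line such as `# Not sent on redirect responses: setting it there recursed (bug 1227866).` next to the condition would record why the cookie is skipped. It would also help to state that a redirect response is not expected to carry the login form; that looks true, but it cannot be confirmed from this hunk. The body of `header` starts and ends outside the hunk.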
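Review bot: The new `redirect` sets `$self->{bz_redirecting}` and never clears it, so every later `header` call on the same object also skips the `github_secret` cookie, not only the call made while the redirect is being built. Scoping the flag with `local $self->{bz_redirecting} = 1;` would restore the previous value when `SUPER::redirect` returns or dies. This assumes the parent `redirect` calls `header` before it returns, which the fix already relies on. Whether the object is reused after a redirect is not visible here.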