Merge pull request #1366 from aphofstede/2.1-stable

Check cookie against md5 regex. 2.1 stable CSRF injection security fix
author: Andrey Andreev <narf@bofh.bg> 2012-05-17 10:55:43 +0200
committer: Andrey Andreev <narf@bofh.bg> 2012-05-17 10:55:43 +0200
commit: 9394f8040ee989e2dfeec42732bc06e52c5ee0c6 (patch)
tree: 4abbf8b47cb1acd956c9755cc4ad04ef983609cc /system/core/Security.php
parent: e463c4d71c2fdcc224e70f7576582220ae64e3d7 (diff)
parent: 8f04c69fe65ddc2604425eaee811b50a909d905f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index a3e227437..6f5ac1ed8 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -848,7 +848,7 @@ class CI_Security {
 			// each page load since a page could contain embedded
 			// sub-pages causing this feature to fail
 			if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
-				$_COOKIE[$this->_csrf_cookie_name] != '')
+				preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
 			{
 				return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
 			}
author	Andrey Andreev <narf@bofh.bg>	2012-05-17 10:55:43 +0200
committer	Andrey Andreev <narf@bofh.bg>	2012-05-17 10:55:43 +0200
commit	9394f8040ee989e2dfeec42732bc06e52c5ee0c6 (patch)
tree	4abbf8b47cb1acd956c9755cc4ad04ef983609cc /system/core/Security.php
parent	e463c4d71c2fdcc224e70f7576582220ae64e3d7 (diff)
parent	8f04c69fe65ddc2604425eaee811b50a909d905f (diff)