From c1e6e4e65b8f1919621bd1b45fa77ed132a378c7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 2 Aug 2015 13:39:38 +0200 Subject: [PATCH] OpenID extlib updated: Fixes CVE-2014-8150 --- extlib/Auth/OpenID/URINorm.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/extlib/Auth/OpenID/URINorm.php b/extlib/Auth/OpenID/URINorm.php index c051b550aa..32e84588db 100644 --- a/extlib/Auth/OpenID/URINorm.php +++ b/extlib/Auth/OpenID/URINorm.php @@ -93,7 +93,17 @@ function Auth_OpenID_pct_encoded_replace_unreserved($mo) function Auth_OpenID_pct_encoded_replace($mo) { - return chr(intval($mo[1], 16)); + $code = intval($mo[1], 16); + + // Prevent request splitting by ignoring newline and space characters + if($code === 0xA || $code === 0xD || $code === ord(' ')) + { + return $mo[0]; + } + else + { + return chr($code); + } } function Auth_OpenID_remove_dot_segments($path)