mirror of
https://github.com/go-gitea/gitea
synced 2024-12-30 19:25:57 +01:00
proper signature validation (#13523)
$header_signature could be a typed float (start with 0e and then only numbers) and a float does equal a string when comparing with typed juggle. eg: 0e123 != "abc" does return false, but 0e123 !== "abc" returns true. you previously could circumvent the signature check when providing a header signature in the float format (0e...) Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
parent
db16275d9e
commit
a31a6e3996
@ -168,7 +168,7 @@ if (empty($header_signature)) {
|
|||||||
$payload_signature = hash_hmac('sha256', $payload, $secret_key, false);
|
$payload_signature = hash_hmac('sha256', $payload, $secret_key, false);
|
||||||
|
|
||||||
// check payload signature against header signature
|
// check payload signature against header signature
|
||||||
if ($header_signature != $payload_signature) {
|
if ($header_signature !== $payload_signature) {
|
||||||
error_log('FAILED - payload signature');
|
error_log('FAILED - payload signature');
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user