MantisBT: master 61c8548c

Diff Back to Repository
Author Committer Branch Timestamp Parent
dregad dregad master 2014-12-21 06:46 master 0b7e1260
Affected Issues  0017640: CVE-2014-6387: Null byte poisoning in LDAP authentication
 0017967: Reporting an issue gives: 'Invalid argument supplied for foreach()' in '/opt/mantisbt-1.2.18/core/gpc_api.php' line 259
Changeset

Fix system warning in gpc_get_string_array()

The fix for issue 0017640 did not consider that the value returned by
gpc_get() is not necessarily an array - it can be the default value
(e.g. null) causing PHP to throw an 'Invalid argument supplied for
foreach()' warning.

Fixes 0017967 (ported from 1.2.x)
mod - core/gpc_api.php Diff File