View Issue Details

IDProjectCategoryView StatusLast Update
0026540mantisbtapi restpublic2020-02-17 04:46
Reportermnewnham Assigned Todregad  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2.22.1 
Target Version2.24.0Fixed in Version2.24.0 
Summary0026540: Passing unsanitized data to type hinted function causes program crash
Description

The function mci_issue_set_custom_fields ( $p_issue_id, array &$p_custom_fields = null, $p_log_insert ) in api/soap/mci_issue_api.php uses a type hint (array) on the second argument, but the calling function mc_issue_update() at line 1104 does not check that the value passed to mc_issue_set_custom_fields is actually an array.

This causes an untrapped failure at that point.

Solution: either sanitize before the function is called or remove the type hint and test in mci_issue_set_custom_fields()

Steps To Reproduce

Create a rest api call with an invalid construction and push to mantis

example:
$c = new stdClass;
$c->id = 1234;
$c->custom_fields = "ABC"; //Should be an array

$jsonData = json_encode($c);

---> Push $jsonData to rest api

TagsNo tags attached.

Relationships

related to 0026542 resolveddregad Passing out of range custom field id causes multiple PHP warnings / incorrect response 
related to 0026541 resolveddregad Passing invalid id to rest api custom field update causes program crash 

Activities

Related Changesets

MantisBT: master 9f1925f8

2020-02-02 15:53:34

dregad

Details Diff
Make sure given custom field data is an array

Fixes 0026540
Affected Issues
0026540
mod - api/soap/mc_project_api.php Diff File

Issue History

Date Modified Username Field Change
2019-12-30 12:16 mnewnham New Issue
2020-02-02 16:41 dregad Status new => assigned
2020-02-02 16:41 dregad Assigned To => dregad
2020-02-02 16:46 dregad Relationship added related to 0026541
2020-02-02 16:47 dregad Relationship added related to 0026542
2020-02-02 17:00 dregad Note Added: 0063556
2020-02-02 17:00 dregad Target Version => 2.24.0
2020-02-17 04:46 dregad Changeset attached => MantisBT master 9f1925f8
2020-02-17 04:46 dregad Status assigned => resolved
2020-02-17 04:46 dregad Resolution open => fixed
2020-02-17 04:46 dregad Fixed in Version => 2.24.0