ZF-2880: Security issue in Zend_Cache_Core

Issue Type: Bug Created: 2008-03-14T03:19:14.000+0000 Last Updated: 2008-03-21T17:11:57.000+0000 Status: Resolved Fix version(s): - 1.5.1 (25/Mar/08)

Reporter: Lars Strojny (lars) Assignee: Fabien MARTY (fab) Tags: - Zend_Cache

Related issues: Attachments: - 007-Zend_Cache_Core-newline-injection.diff


The method validateIdOrTag() should only allow [a-zA-Z0-9]. However, the preg_match() call misses the D-modifier and therefore also trailing newlines are allowed. This might not be the biggest problem on earth as I couldn't find any real attack scenario but this should be fixed anyway.


Posted by Lars Strojny (lars) on 2008-03-14T03:19:58.000+0000

Fixes the newline injection by adding the D-modifier.

Posted by Fabien MARTY (fab) on 2008-03-14T14:26:03.000+0000

fixed in SVN trunk and in 1.5 branch

probably no real attack scenario possible


Posted by Wil Sinclair (wil) on 2008-03-21T17:11:57.000+0000

I'm assuming this fix is merged to the 1.5 release branch for release with 1.5.1. Please update JIRA if this is not the case.

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.