Issue Type: Bug Created: 2008-03-14T03:19:14.000+0000 Last Updated: 2008-03-21T17:11:57.000+0000 Status: Resolved Fix version(s): - 1.5.1 (25/Mar/08)
Reporter: Lars Strojny (lars) Assignee: Fabien MARTY (fab) Tags: - Zend_Cache
Related issues: Attachments: - 007-Zend_Cache_Core-newline-injection.diff
The method validateIdOrTag() should only allow [a-zA-Z0-9]. However, the preg_match() call misses the D-modifier and therefore also trailing newlines are allowed. This might not be the biggest problem on earth as I couldn't find any real attack scenario but this should be fixed anyway.
Posted by Lars Strojny (lars) on 2008-03-14T03:19:58.000+0000
Fixes the newline injection by adding the D-modifier.
Posted by Fabien MARTY (fab) on 2008-03-14T14:26:03.000+0000
fixed in SVN trunk and in 1.5 branch
probably no real attack scenario possible
Posted by Wil Sinclair (wil) on 2008-03-21T17:11:57.000+0000
I'm assuming this fix is merged to the 1.5 release branch for release with 1.5.1. Please update JIRA if this is not the case.
Have you found an issue?
See the Overview section for more details.