Page MenuHomePhabricator
Differential D14993

Fix incorrect key handling in extended policy filtering
ClosedPublic
Actions

Authored by epriestley on Jan 11 2016, 12:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Apr 28, 4:14 PM
Unknown Object (File)
Sat, Apr 27, 10:52 AM
Unknown Object (File)
Sat, Apr 27, 5:26 AM
Unknown Object (File)
Sat, Apr 27, 3:23 AM
Unknown Object (File)
Fri, Apr 26, 3:16 PM
Unknown Object (File)
Mon, Apr 22, 9:07 AM
Unknown Object (File)
Mon, Apr 8, 6:06 AM
Unknown Object (File)
Fri, Apr 5, 4:01 AM
View All Files
Subscribers
None

Details

Reviewers
chad
Commits
Restricted Diffusion Commit
rPf59ebf4c0959: Fix incorrect key handling in extended policy filtering
Summary

Via HackerOne. The use of $key here should be $extended_key.

Exploiting this requires a very unusual group of objects to be subjected to extended policy checks. I believe there is no way to actually get anything bad through the policy filter today, but this could have been an issue in the future.

Test Plan
  • Added a unit test which snuck something through the policy filter.
  • Fixed use of $extended_key.
  • Test now passes.

Diff Detail

Repository
rP Phabricator
Branch
pfilter1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 10048
Build 12160: Run Core Tests
Build 12159: arc lint + arc unit

Event Timeline

epriestley updated this revision to Diff 36214.Jan 11 2016, 12:44 PM
epriestley retitled this revision from to Fix incorrect key handling in extended policy filtering.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
epriestley updated this revision to Diff 36215.Jan 11 2016, 1:04 PM
  • Slightly more detailed comment.
chad accepted this revision.Jan 11 2016, 3:03 PM
chad edited edge metadata.
This revision is now accepted and ready to land.Jan 11 2016, 3:03 PM
Closed by commit rPf59ebf4c0959: Fix incorrect key handling in extended policy filtering (authored by epriestley, committed by epriestley). · Explain WhyJan 11 2016, 3:04 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
applications/
policy/
__tests__/
69 lines
filter/
6 lines

Diff 36214

View Options

src/applications/policy/__tests__/PhabricatorPolicyTestCase.php

Loading...
View Options

src/applications/policy/filter/PhabricatorPolicyFilter.php

Loading...
Phabricator · Built by Phacility