Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Security] Fix RememberMe with null password #35343

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 16, 2020
Merged

[Security] Fix RememberMe with null password #35343

merged 1 commit into from
Jan 16, 2020
+8 −8

Conversation

jderusse
Copy link
Member

Q A
Branch? 3.4
Bug fix? yes
New feature? no
Deprecations? yes
Tickets NA
License MIT
Doc PR NA

From UserInterface the method getPassword may return null, while generateCookieHash requires a string.
This PR changes the signature of the methods to allows null password

Similar to #35335 for branch 3.4

@chalasr chalasr added this to the 3.4 milestone Jan 15, 2020
@chalasr
Copy link
Member

chalasr commented Jan 16, 2020

Good catch, thanks @jderusse.

chalasr added a commit that referenced this pull request Jan 16, 2020
@chalasr
bug #35343 [Security] Fix RememberMe with null password (jderusse)
6cc377f 
This PR was merged into the 3.4 branch.

Discussion
----------

[Security] Fix RememberMe with null password

| Q             | A
| ------------- | ---
| Branch?       | 3.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | yes
| Tickets       | NA
| License       | MIT
| Doc PR        | NA

From `UserInterface` the method getPassword may return null, while generateCookieHash requires a string.
This PR changes the signature of the methods to allows null password

Similar to #35335 for branch 3.4

Commits
-------

820eb35 Fix RememberMe with null password
@chalasr chalasr merged commit 820eb35 into symfony:3.4 Jan 16, 2020
This was referenced Jan 21, 2020
Merged
Merged
Merged
Merged
@jderusse jderusse deleted the remember-pass-null-34 branch March 5, 2020 20:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug Security Status: Reviewed
Projects
None yet
Milestone
3.4
Development

Successfully merging this pull request may close these issues.
4 participants
@jderusse @chalasr @nicolas-grekas @carsonbot