[Security] Avoid failing when PersistentRememberMeHandler handles a malformed cookie #60379


Merged (1 commit) May 9, 2025

Conversation

@Seldaek Seldaek commented May 8, 2025

| Q | A |
|---|---|
| Branch? | 6.4 |
| Bug fix? | yes |
| New feature? | no |
| Deprecations? | no |
| Issues | Fix #... |
| License | MIT |

If the remember me cookie is malformed like "foo" then the page crashes due to https://github.com/symfony/symfony/blob/7.3/src/Symfony/Component/Security/Http/RememberMe/RememberMeDetails.php#L39

Not a huge deal, but not very elegant.

@Seldaek Seldaek requested a review from chalasr as a code owner May 8, 2025 09:06
@carsonbot carsonbot added this to the 6.4 milestone May 8, 2025
xabbuh commented May 8, 2025

Can we cover this case with a test?

Seldaek commented May 8, 2025

Added a test, yes. Looking a bit more at what happens, I think the flow is like this:

  • RememberMeAuthenticator::authenticate attempts to read the cookie; that throws an AuthenticationException, which fails the login
  • RememberMeListener handles the LoginFailureEvent and calls clearRememberMeCookie
  • the clearing tries to read the cookie first, and that throws if it is malformed (fixed by this PR so it is caught and the cookie is cleared without failure; the persistent data is not cleared, obviously, as we cannot map any persistent data from a malformed cookie)
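
As an added illustration (not code from this PR or from Symfony), here is the parse-then-clear flow described above, with the cleanup path written to tolerate a malformed cookie the way the fix intends; the cookie layout, class and function names are simplified assumptions, not Symfony's real RememberMeDetails implementation:

```php
<?php
// Added illustration (not Symfony's code): a simplified stand-in for the
// parse-then-clear flow the PR fixes. Function names and cookie layout
// are assumptions, not Symfony's real RememberMeDetails implementation.

final class MalformedCookieException extends RuntimeException {}

/** Expects base64("userClass:userIdentifier:expires:token"); throws on anything else. */
function parseRememberMeCookie(string $raw): array
{
    $decoded = base64_decode($raw, true);
    if ($decoded === false) {
        throw new MalformedCookieException('cookie is not base64');
    }
    $parts = explode(':', $decoded);
    if (count($parts) !== 4 || !preg_match('/^\d+$/', $parts[2])) {
        throw new MalformedCookieException('cookie does not carry 4 fields');
    }
    return ['class' => $parts[0], 'identifier' => $parts[1],
            'expires' => (int) $parts[2], 'token' => $parts[3]];
}

/**
 * Login-failure cleanup. Before the fix, a malformed cookie made the parse
 * throw out of this path and the whole request failed. Here the browser
 * cookie is always expired; server-side state is only revoked when the
 * cookie could be mapped to a stored token. Returns the headers to send.
 */
function clearRememberMeCookie(?string $raw, array &$persistentTokens): array
{
    $headers = ['Set-Cookie' => 'REMEMBERME=deleted; Max-Age=0; HttpOnly; Secure; SameSite=Lax'];
    if ($raw === null) {
        return $headers;
    }
    try {
        $details = parseRememberMeCookie($raw);
    } catch (MalformedCookieException) { // PHP 8: unused exception variable omitted
        return $headers; // nothing to revoke server side, cookie still cleared
    }
    unset($persistentTokens[$details['token']]); // revoke the persistent token
    return $headers;
}

// Constructed sample data: one stored token, one well-formed and one malformed cookie.
$store = ['tok123' => 'alice'];
$valid = base64_encode('App\Entity\User:alice:1900000000:tok123');
clearRememberMeCookie($valid, $store); // $store is now empty; cookie expired
clearRememberMeCookie('foo', $store);  // no exception escapes; cookie expired
```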

@carsonbot carsonbot changed the title Avoid failing when PersistentRememberMeHandler handles a malformed cookie [Security] Avoid failing when PersistentRememberMeHandler handles a malformed cookie May 8, 2025
@nicolas-grekas nicolas-grekas left a comment


Just one minor CS fix, thanks for the patch and the explanation.

$rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);
try {
$rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);
} catch (AuthenticationException $e) {
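Review bot: the exception variable `$e` in `} catch (AuthenticationException $e) {` is never used inside the catch, so on PHP 8 it can be dropped as `} catch (AuthenticationException) {`, which also keeps static analysis from flagging an unused variable. The hunk does not show the catch body; since the stated intent is to still clear the browser cookie when parsing fails, it is worth confirming in the full diff that the catch falls through to the cookie-clearing code rather than returning before it.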

Suggested change
} catch (AuthenticationException $e) {
} catch (AuthenticationException) {

fabpot commented May 9, 2025

Thank you @Seldaek.

@fabpot fabpot merged commit ec1e4a2 into symfony:6.4 May 9, 2025
10 checks passed
@fabpot fabpot mentioned this pull request May 10, 2025