[BUGFIX] Route dispatching: Don't rely on id being an integer 98/54098/2
authorAndreas Fernandez <a.fernandez@scripting-base.de>
Sun, 10 Sep 2017 11:19:43 +0000 (13:19 +0200)
committerBenni Mack <benni@typo3.org>
Sun, 10 Sep 2017 12:04:54 +0000 (14:04 +0200)
The route dispatcher can't rely on id being an integer, as the file list, for
example, uses a string identifier.

It is now checked whether the id is an int instead.

Resolves: #82440
Related: #82406
Releases: master
Change-Id: Idddc8484e0a597fec9d61c509d06f36736990c67
Reviewed-on: https://review.typo3.org/54098
Reviewed-by: Matthias Vogel <typo3@kanti.de>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Markus Hölzle <typo3@markus-hoelzle.de>
Tested-by: Markus Hölzle <typo3@markus-hoelzle.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
typo3/sysext/backend/Classes/Http/RouteDispatcher.php

index bfd9bc6..d6d4560 100644 (file)
@@ -26,6 +26,7 @@ use TYPO3\CMS\Core\Http\DispatcherInterface;
 use TYPO3\CMS\Core\Http\Response;
 use TYPO3\CMS\Core\Type\Bitmask\Permission;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Utility\MathUtility;
 
 /**
  * Dispatcher which resolves a route to call a controller and method (but also a callable)
@@ -109,8 +110,8 @@ class RouteDispatcher extends Dispatcher implements DispatcherInterface
         // Check permissions and exit if the user has no permission for entry
         // @todo please do not use "true" here, what a bad coding paradigm
         $backendUserAuthentication->modAccess($moduleConfiguration, true);
-        $id = (int)$request->getQueryParams()['id'] ?? $request->getParsedBody()['id'];
-        if ($id) {
+        $id = $request->getQueryParams()['id'] ?? $request->getParsedBody()['id'];
+        if (MathUtility::canBeInterpretedAsInteger($id) && $id > 0) {
             $permClause = $backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
             // Check page access
             if (!is_array(BackendUtility::readPageAccess($id, $permClause))) {
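Review bot: The `??` on the new `$id = ...` line only guards the query-parameter side; when neither source carries an id, evaluating `$request->getParsedBody()['id']` reads a missing array key (an "Undefined index" notice when the body is an array, and presumably null when getParsedBody() returns null), so the expression should end with a null fallback, `$id = $request->getQueryParams()['id'] ?? $request->getParsedBody()['id'] ?? null;`. After the `canBeInterpretedAsInteger` guard, `$id` is still the raw request string; readPageAccess's signature is not visible here, so if it expects an int, a `$id = (int)$id;` at the top of the branch would keep the page-permission check from depending on implicit string-to-int coercion. The enclosing method starts before and continues past this hunk.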