In customerror_check_redirect, $_GET['destination'] is directly accessed without any check. This cause am "undefined index" in PHP 5.3 (the recommended PHP version for Drupal 7).

CommentFileSizeAuthor
#1 undefined_index_customerror_check_redirect-1430592-1.patch860 bytespbuyle

Comments

pbuyle’s picture

pbuyle commented
Status: Active » Needs review
StatusFileSize
new undefined_index_customerror_check_redirect-1430592-1.patch860 bytes

Here is a patch to fix this issue.

akshita’s picture

akshita commented

Hi

will this patch fixes the issue at line 277

Notice: Undefined offset: 1 in customerror_check_redirect() (line 277 of /var/www/sites/all/modules/customerror/customerror.module).

Please do the needful and thanks in advance.

function customerror_check_redirect() {
$destination = $_GET['destination'];
if (empty($destination)) {
return;
}

$redirect_list = variable_get('customerror_redirect', '');
if (empty($redirect_list)) {
return;
}
$redirect_list = explode("\n", $redirect_list);
foreach ($redirect_list as $item) {

list($src, $dst) = explode(' ', $item);

if (isset($src) && isset($dst)) {
$src = str_replace("/", "\\/", $src);
$dst = str_replace("\r", "", $dst);
// In case there are spaces in the URL, we escape them
$orig_dst = str_replace(" ", "%20", $destination);
if (preg_match('/' . $src . '/', $orig_dst)) {
$_GET['destination'] = $dst;
drupal_goto($dst);
}
}
}
}

superspring’s picture

superspring commented
Status: Needs review » Reviewed & tested by the community

I've tried mongolito404's patch, it fixes the problem.

gisle’s picture

gisle
he/him
Primary language Norwegian Bokmål
Location Norway
commented
Status: Reviewed & tested by the community » Fixed

Thanks!
Looks fine. It is commited on May 2, 2013 18:59 (commit 5941549 on 7.x-1.x branch).

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

  • Commit 5941549 on 7.x-1.x, 8.x-1.x authored by mongolito404, committed by gisle: 
    Issue #1430592 by mongolito404: Undefined index in...
nicholasthompson’s picture

nicholasthompson
Primary language English
commented
Issue summary: View changes
Status: Closed (fixed) » Needs work

I can see the commit this was fixed in - however the latest 7.x-1.2 release still has the bug in it... Has the code been reverted?

http://cgit.drupalcode.org/customerror/tree/customerror.module?id=7.x-1....

nicholasthompson’s picture

nicholasthompson
Primary language English
commented
Status: Needs work » Closed (fixed)

Ignore - my issue is slightly different...