[Koha-bugs] [Bug 27849] New: Koha::Token may access undefined C4::Context->userenv
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Mar 3 12:51:48 CET 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27849
Bug ID: 27849
Summary: Koha::Token may access undefined C4::Context->userenv
Change sponsored?: ---
Product: Koha
Version: 20.11
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: mjr at software.coop
QA Contact: testopia at bugs.koha-community.org
The _add_default_csrf_params internal function accesses C4::Context->userenv
without checking that it has been defined. I think not all of the potential
callers of it declare that they require a defined userenv, so we should test
and provide defaults for required values if it is not defined, to avoid some
"Can't use an undefined value as a HASH reference" HTTP 500 Internal Server
Errors.
Step to Reproduce: write some code that results in that function being used
before a set_userenv call
Actual Result: error logged, code exits
Expected Result: code runs to completion
Additional Information: I am not sure whether this is currently triggered by
any released core koha code, or only a few plugins and mods. It looks to me
like a bug waiting to happen, based on the documentation, which can be avoided
simply.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list