Making WordPress.org


Ignore:
Timestamp:
04/04/2018 07:41:21 PM (7 years ago)
Author:
iandunn
Message:

WordCamp Payments: Verify payload signature before unslashing data.

The signature is generated on slashed data, so it needs to be verified against slashed data as well. Otherwise there are cases where the verification will incorrectly fail. For example, Bogotá gets encoded as Bogot\u00e1, but is Bogotu00e1 after being unslashed, so it won't match the original.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/sponsor-payment-stripe.php

    r6709 r7027  
    224224
    225225            // Make sure our data hasn't been altered.
    226             $payment_data_str = wp_unslash( $payment_data_json );
    227 
    228             if ( ! hash_equals( hash_hmac( 'sha256', $payment_data_str, $data['keys']['hmac_key'] ), $payment_data_signature ) ) {
     226
     227            if ( ! hash_equals( hash_hmac( 'sha256', $payment_data_json, $data['keys']['hmac_key'] ), $payment_data_signature ) ) {
    229228                $data['errors'][] = 'Could not verify payload signature.';
    230229                return;
    231230            }
    232231
    233             $payment_data = json_decode( $payment_data_str, true );
     232            $payment_data = json_decode( wp_unslash( $payment_data_json ), true );
    234233
    235234            switch ( $payment_data['payment_type'] ) {
Note: See TracChangeset for help on using the changeset viewer.