From 239ba392618f751fd5d74da57dcf77cd9a6449a2 Mon Sep 17 00:00:00 2001
From: Tim Starling
Date: Mon, 31 Oct 2005 21:14:07 +0000
Subject: [PATCH] workaround for any current or future exploit of the $GLOBALS overwrite vulnerability
---
 img_auth.php | 4 ++++
 index.php | 4 ++++
 profileinfo.php | 4 ++++
 redirect.php | 3 +++
 thumb.php | 4 ++++
 trackback.php | 4 ++++
 6 files changed, 23 insertions(+)
diff --git a/img_auth.php b/img_auth.php
index 6f6152eb13..341b7e25b2 100644
--- a/img_auth.php
+++ b/img_auth.php
@@ -10,6 +10,10 @@
 # Valid web server entry point, enable includes
 define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '$GLOBALS overwrite vulnerability');
+}
+
 require_once( 'includes/Defines.php' );
 require_once( './LocalSettings.php' );
 require_once( 'includes/Setup.php' );
diff --git a/index.php b/index.php
index d623ae27f3..478a0c6f02 100644
--- a/index.php
+++ b/index.php
@@ -9,6 +9,10 @@ $wgRequestTime = microtime();
 unset( $IP );
 @ini_set( 'allow_url_fopen', 0 ); # For security...
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '$GLOBALS overwrite vulnerability');
+}
+
 # Valid web server entry point, enable includes.
 # Please don't move this line to includes/Defines.php. This line essentially defines
 # a valid entry point. If you put it in includes/Defines.php, then any script that includes
diff --git a/profileinfo.php b/profileinfo.php
index 1c603b6709..2f54fea010 100644
--- a/profileinfo.php
+++ b/profileinfo.php
@@ -48,6 +48,10 @@ $wgDBadminuser = $wgDBadminpassword = $wgDBserver = $wgDBname = $wgEnableProfileInfo = false;
 define("MEDIAWIKI", 1);
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ print $GLOBALS;
+ die( '$GLOBALS overwrite vulnerability');
+}
 require_once("./includes/Defines.php");
 require_once("./LocalSettings.php");
diff --git a/redirect.php b/redirect.php
index 92a8890932..7c7aa3b165 100644
--- a/redirect.php
+++ b/redirect.php
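Review bot: The guard added in the img_auth.php hunk tests only `$_REQUEST['GLOBALS']`, and `$_REQUEST` by default carries GET, POST and cookie values but not uploaded-file entries, so a multipart file field named GLOBALS would presumably not be seen by this check. If the PHP versions this workaround targets can also populate globals from file uploads, the condition should cover that array too: `if ( isset( $_REQUEST['GLOBALS'] ) || isset( $_FILES['GLOBALS'] ) ) {`. The same condition is repeated in the index.php, profileinfo.php, redirect.php, thumb.php and trackback.php hunks and would need the same change.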
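Review bot: The guard added to index.php carries no comment, so the `die()` string is the only hint of what it defends against or when it can be retired. A line above the `if` such as `# Refuse any request that supplies a GLOBALS parameter (workaround for the $GLOBALS overwrite vulnerability)` would record that for later maintainers. Because the identical block is pasted into all six entry points in this patch, it may also be worth keeping it in one small file that every entry point loads first, so a new entry point cannot be added without it; whether other entry points exist outside this patch is not visible here.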
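Review bot: The profileinfo.php hunk adds `print $GLOBALS;` ahead of the `die()`, a line none of the other five hunks has and which looks like leftover debugging. Printing an array this way emits only the word `Array`, and it does so on exactly the request the guard has just rejected, so it adds output without adding information. I would drop the line so that `if ( isset( $_REQUEST['GLOBALS'] ) ) {` is followed directly by `die( '$GLOBALS overwrite vulnerability');`, matching the other entry points.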
@@ -3,6 +3,9 @@ unset( $DP );
 unset( $IP );
 $wgCommandLineMode = false;
 define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '$GLOBALS overwrite vulnerability');
+}
 require_once( './includes/Defines.php' );
 require_once( './LocalSettings.php' );
diff --git a/thumb.php b/thumb.php
index 0183c3fea1..439b5b5c4f 100644
--- a/thumb.php
+++ b/thumb.php
@@ -7,6 +7,10 @@ define( 'MEDIAWIKI', true );
 unset( $IP );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '$GLOBALS overwrite vulnerability');
+}
+
 $wgNoOutputBuffer = true;
 require_once( './includes/Defines.php' );
diff --git a/trackback.php b/trackback.php
index a2c9d8dc45..64ca383f53 100644
--- a/trackback.php
+++ b/trackback.php
@@ -7,6 +7,10 @@ unset($IP);
 define('MEDIAWIKI', true);
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '$GLOBALS overwrite vulnerability');
+}
+
 require_once('./includes/Defines.php');
 if (!file_exists('LocalSettings.php'))
--
2.20.1
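Review bot: In the redirect.php hunk the rejected request ends in a bare `die()`, which sends the message with the default success status and records nothing beyond the ordinary access-log line. To make such requests stand out for monitoring, the block could send an error status first, e.g. `header( 'HTTP/1.0 400 Bad Request' );`, and write an `error_log()` entry before exiting. The thumb.php and trackback.php hunks, and the three earlier ones, exit the same way.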