From dbc0d3c8844f7ab949c8248298fbb762d202962b Mon Sep 17 00:00:00 2001
From: Dayllan Maza <dmaza@wikimedia.org>
Date: Mon, 19 Aug 2019 14:59:25 -0400
Subject: [PATCH] Clear block cookie if the value is invalid

When a block cookie is present and the block is invalid or doesn't exists
or the cookie value is invalid or malformed, the cookie is removed.

Bug: T227678
Change-Id: Icaff594686c16a0eb8551b2a4392a14a969b43b0
---
 includes/block/BlockManager.php | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/includes/block/BlockManager.php b/includes/block/BlockManager.php
index b67703cab1..a5035bd080 100644
--- a/includes/block/BlockManager.php
+++ b/includes/block/BlockManager.php
@@ -223,7 +223,7 @@ class BlockManager {
 
 	/**
 	 * Try to load a block from an ID given in a cookie value. If the block is invalid
-	 * or doesn't exist, remove the cookie.
+	 * doesn't exist, or the cookie value is malformed, remove the cookie.
 	 *
 	 * @param UserIdentity $user
 	 * @param WebRequest $request
@@ -233,9 +233,13 @@ class BlockManager {
 		UserIdentity $user,
 		WebRequest $request
 	) {
-		$blockCookieId = $this->getIdFromCookieValue( $request->getCookie( 'BlockID' ) );
+		$cookieValue = $request->getCookie( 'BlockID' );
+		if ( is_null( $cookieValue ) ) {
+			return false;
+		}
 
-		if ( $blockCookieId !== null ) {
+		$blockCookieId = $this->getIdFromCookieValue( $cookieValue );
+		if ( !is_null( $blockCookieId ) ) {
 			// TODO: remove dependency on DatabaseBlock
 			$block = DatabaseBlock::newFromID( $blockCookieId );
 			if (
@@ -244,9 +248,10 @@ class BlockManager {
 			) {
 				return $block;
 			}
-			$this->clearBlockCookie( $request->response() );
 		}
 
+		$this->clearBlockCookie( $request->response() );
+
 		return false;
 	}
 
-- 
2.20.1