그누보드5 Open Redirect+Password Hijack 취약점(2018-0109) 수정

2018-03-14 17:57:22 +09:00
parent 06ad4e534a
commit b79a46b857
1 changed files with 2 additions and 1 deletions
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -3039,7 +3039,8 @@ function check_url_host($url, $msg='', $return_url=G5_URL)
    }

    //php 5.6.29 이하 버전에서는 parse_url 버그가 존재함
-    if ( (isset($p['host']) && $p['host']) && version_compare(PHP_VERSION, '5.6.29') < 0) {
+    //php 7.0.1 ~ 7.0.5 버전에서는 parse_url 버그가 존재함
+    if ( (isset($p['host']) && $p['host']) ) {
        $bool_ch = false;
        foreach( array('user','host') as $key) {
            if ( isset( $p[ $key ] ) && strpbrk( $p[ $key ], ':/?#@' ) ) {