From 8f4ae1bec48563f46e4bfbd4b15608b9b62284bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Tue, 16 Jan 2018 10:41:54 +0100
Subject: [PATCH] Perform additional checks on URLs before allowing them.

---
 lib/SimpleSAML/Utils/HTTP.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 96cfc62ec..d14d71e5a 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -341,6 +341,13 @@ class HTTP
             $components = parse_url($url);
             $hostname = $components['host'];
 
+            // check for userinfo
+            if ((isset($components['user']) && strpos($components['user'], '\\') !== false) ||
+                (isset($components['pass']) && strpos($components['pass'], '\\') !== false)
+            ) {
+                throw new \SimpleSAML_Error_Exception('Invalid URL: '.$url);
+            }
+
             // allow URLs with standard ports specified (non-standard ports must then be allowed explicitly)
             if (isset($components['port']) &&
                 (($components['scheme'] === 'http' && $components['port'] !== 80) ||
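Review bot: The comment `// check for userinfo` above the new condition does not say why a backslash in the user or password component is the thing being rejected, so a later reader cannot tell what the check defends against or whether it is complete. Replace it with `// reject a backslash in userinfo: browsers treat '\' as '/', so the host parse_url() reports here can differ from the host a browser would actually connect to`. If the URLs passing through this method never legitimately carry credentials, the wider and simpler guard is to reject any userinfo at all, `if (isset($components['user']) || isset($components['pass'])) { throw new \SimpleSAML_Error_Exception('Invalid URL: '.$url); }` — that is a behaviour change, so confirm it against callers first. Note also that `parse_url()` returns false on badly malformed input, so `$components['host']` on the context line above may be undefined before the new check runs; that is pre-existing, and the enclosing method starts and ends outside the hunk.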
-- 
GitLab