Closed nickygerritsen closed 3 months ago
It already has protection against this: in https://github.com/DOMjudge/domjudge/blob/main/webapp/src/Logger/VarargsLogMessageProcessor.php#L20 if no context is present (aka no extra arguments given), then it just prints the message unformatted.
If you pass extra arguments to the logger, then it's your responsibility that the primary format string does not contain any unescaped %
characters.
Well, the problem is that Symfony internally passes context to an error, which we do not control. We also do not control the message.
Specifically this error: https://github.com/symfony/symfony/blob/7.1/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php#L120 which then sets the context here: https://github.com/symfony/symfony/blob/7.1/src/Symfony/Component/HttpKernel/EventListener/ErrorListener.php#L171
when the referrer contains a %3F
So maybe the fix is to check if the context is a numerically indexed array and only then do our logic? That would fix this.
For example, when you visit a non existing page with a referrer like
https://www.domjudge.org/demoweb/favicon.ico%3Fv=8.3.0DEV/846393821
(which happened), thenVarargsLogMessageProcessor
thinks the%3F
is a sprintf string, but it isn't, and we get an error (as reported in Sentry)