Fix injection of routing parameters into sql queries

ref https://www.woltlab.com/community/thread/307511-array-to-string-conversion/

diff --git a/wcfsetup/install/files/lib/system/database/Database.class.php b/wcfsetup/install/files/lib/system/database/Database.class.php
index f8e924179d98871e4fc454f89030956014c378f4..32c6d2f6e770705586fd625225fd6c2ff9088105 100644 (file)
--- a/wcfsetup/install/files/lib/system/database/Database.class.php
+++ b/wcfsetup/install/files/lib/system/database/Database.class.php
@@ -315,7 +315,12 @@ abstract class Database
                         $requestInformation = \substr($requestInformation, 0, 70);
                         $requestInformation .= ' (' . $requestId . ')';
                     }
-                    if (isset($_REQUEST['className']) && isset($_REQUEST['actionName'])) {
+                    if (
+                        isset($_REQUEST['className'])
+                        && isset($_REQUEST['actionName'])
+                        && \is_string($_REQUEST['className'])
+                        && \is_string($_REQUEST['actionName'])
+                    ) {
                         $requestInformation = \substr($requestInformation, 0, 90);
                         $requestInformation .= ' (' . $_REQUEST['className'] . ':' . $_REQUEST['actionName'] . ')';
                     }