From: Marcel Werk
Date: Mon, 14 Sep 2020 12:31:34 +0000 (+0200)
Subject: Expired session during 3rd party auth led to a SystemException
X-Git-Tag: 5.3.0~3^2~11
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c70f8e3fe5f54192d36b62df765405db3afaa04c;p=GitHub%2FWoltLab%2FWCF.git
Expired session during 3rd party auth led to a SystemException
(cherry picked from commit da8b0e89fa9da82fc7965955e7c0639a65d6ac00)
---
diff --git a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
index ab50f7e87f..d4ea40b358 100644
--- a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
@@ -68,7 +68,7 @@ class FacebookAuthAction extends AbstractAction {
 }
 // validate state, validation of state is executed after fetching the access_token to invalidate 'code'
- if (!isset($_GET['state']) || !\hash_equals(WCF::getSession()->getVar('__facebookInit'), $_GET['state'])) throw new IllegalLinkException();
+ if (!isset($_GET['state']) || !WCF::getSession()->getVar('__facebookInit') || !\hash_equals(WCF::getSession()->getVar('__facebookInit'), $_GET['state'])) throw new IllegalLinkException();
 WCF::getSession()->unregister('__facebookInit');
 try {
diff --git a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
index db95872029..559db9f5f6 100644
--- a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
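Review bot: The rewritten condition in the FacebookAuthAction hunk still passes `$_GET['state']` to `\hash_equals()` without checking its type, and the GithubAuthAction hunk has the same gap. `isset()` is also true when the parameter arrives as an array, so such a request would reach `hash_equals()` with a non-string argument; that presumably ends in the same kind of SystemException this commit removes for the expired-session case, rather than in an IllegalLinkException. I would read the stored token once with `$state = WCF::getSession()->getVar('__facebookInit');` and then test `if (!$state || !isset($_GET['state']) || !\is_string($_GET['state']) || !\hash_equals($state, $_GET['state'])) throw new IllegalLinkException();`, which also avoids the second `getVar()` call. The enclosing method starts and ends outside the hunk.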
@@ -64,7 +64,7 @@ class GithubAuthAction extends AbstractAction {
 }
 // validate state, validation of state is executed after fetching the access_token to invalidate 'code'
- if (!isset($_GET['state']) || !\hash_equals(WCF::getSession()->getVar('__githubInit'), $_GET['state'])) throw new IllegalLinkException();
+ if (!isset($_GET['state']) || !WCF::getSession()->getVar('__githubInit') || !\hash_equals(WCF::getSession()->getVar('__githubInit'), $_GET['state'])) throw new IllegalLinkException();
 WCF::getSession()->unregister('__githubInit');
 parse_str($content, $data);
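Review bot: The added `!WCF::getSession()->getVar('__githubInit')` clause has no comment explaining why it is there; the existing comment above it only covers why validation runs after the access_token fetch. Going by the commit subject, the clause guards against the session having expired during the provider round trip, which leaves the stored token unset. I would add `// the session may have expired during the redirect, leaving '__githubInit' unset; reject the link before hash_equals() receives a non-string` above the condition, and the equivalent line for `__facebookInit` in FacebookAuthAction.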