From 4f17920c7578fa30ee489914ea83f5b6586b82ef Mon Sep 17 00:00:00 2001
From: Angie Byron <webchick@24967.no-reply.drupal.org>
Date: Sat, 11 Oct 2008 04:06:29 +0000
Subject: #319466: SA-2008-47 (#295053): CSRF in cached forms.

---
 modules/poll/poll.module | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'modules/poll/poll.module')

diff --git a/modules/poll/poll.module b/modules/poll/poll.module
index 5dd356f1b..21d48cba2 100644
--- a/modules/poll/poll.module
+++ b/modules/poll/poll.module
@@ -366,7 +366,9 @@ function poll_choice_js() {
   // not process it. We retreive the cached form, add the element, and resave.
   $form_build_id = $_POST['form_build_id'];
   $form_state = array('submitted' => FALSE);
-  $form = form_get_cache($form_build_id, $form_state);
+  if (!$form = form_get_cache($form_build_id, $form_state)) {
+    exit();
+  }
 
   $delta = count($_POST['choice']);
   $key = isset($form['#node']->choice) ? 'new:'. ($delta - count($form['#node']->choice)) : 'new:'. $delta;
-- 
cgit v1.2.3