[BUGFIX] Fix array access error in EditableRestriction

The class EditableRestriction is used in EXT:linkvalidator to apply
permission restrictions to database queries for current (non-admin)
BE user.

In case of table sys_file_reference, the value for
$GLOBALS['TCA'][$table]['ctrl']['type'] might be "uid_local:type". In
that case, the class EditableRestriction tried to access the TCA
configuration for this field via $GLOBALS['TCA']['sys_file_reference']
['columns']['uid_local:type']['config']
when in fact this will be empty (and the type refers to the table
sys_file).

We now check if the resulting array is empty and skip the check if
that is the case.

Resolves: #103559
Related: #83835
Releases: main, 12.4, 11.5
Change-Id: Idbe653ef9f1c21c077fcb79c03212e606cc71830
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/84829


Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

typo3/sysext/linkvalidator/Classes/QueryRestrictions/EditableRestriction.php

@@ -66,7 +66,12 @@ class EditableRestriction implements QueryRestrictionInterface
         foreach ($searchFields as $table => $fields) {
             if ($table !== 'pages' && ($GLOBALS['TCA'][$table]['ctrl']['type'] ?? false)) {
                 $type = $GLOBALS['TCA'][$table]['ctrl']['type'];
-                $fieldConfig = $GLOBALS['TCA'][$table]['columns'][$type]['config'];
+                $fieldConfig = $GLOBALS['TCA'][$table]['columns'][$type]['config'] ?? [];
+                if ($fieldConfig === []) {
+                    // $type might be "uid_local:type" for table "sys_file_reference" and then $fieldConfig will be empty
+                    // in this case we skip because we do not join with the other table and will not have this value
+                    continue;
+                }
                 // Check for items
                 if ($fieldConfig['type'] === 'select'
                     && is_array($fieldConfig['items'] ?? false)