commit: da9910850a168f73c6b8dd8407a01f47d27ca1d8
Author: Derky <derky <AT> phpbb <DOT> com>
AuthorDate: Thu Apr 25 22:56:48 2019 +0000
Commit: Jimi Huotari <chiitoo <AT> gentoo <DOT> org>
CommitDate: Thu Apr 25 22:56:48 2019 +0000
URL: https://gitweb.gentoo.org/proj/forums.git/commit/?id=da991085
[ticket/security/235] Only allow one wildcard in the search query to limit the
database load
SECURITY-235
phpBB/phpbb/search/fulltext_native.php | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/phpBB/phpbb/search/fulltext_native.php
b/phpBB/phpbb/search/fulltext_native.php
index 1925623b8..c83de75ee 100644
--- a/phpBB/phpbb/search/fulltext_native.php
+++ b/phpBB/phpbb/search/fulltext_native.php
@@ -310,6 +310,15 @@ class fulltext_native extends \phpbb\search\base
$replace = '$1';
$keywords = preg_replace($match, $replace, $keywords);
+ // Only allow one wildcard in the search query to limit the
database load
+ $match = '#\*#';
+ $replace = '$1';
+ $count_wildcards = substr_count($keywords, '*');
+
+ // Reverse the string to remove all wildcards except the first
one
+ $keywords = strrev(preg_replace($match, $replace,
strrev($keywords), $count_wildcards - 1));
+ unset($count_wildcards);
+
// set the search_query which is shown to the user
$this->search_query = $keywords;
