commit: da9910850a168f73c6b8dd8407a01f47d27ca1d8 Author: Derky <derky <AT> phpbb <DOT> com> AuthorDate: Thu Apr 25 22:56:48 2019 +0000 Commit: Jimi Huotari <chiitoo <AT> gentoo <DOT> org> CommitDate: Thu Apr 25 22:56:48 2019 +0000 URL: https://gitweb.gentoo.org/proj/forums.git/commit/?id=da991085
[ticket/security/235] Only allow one wildcard in the search query to limit the database load SECURITY-235 phpBB/phpbb/search/fulltext_native.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php index 1925623b8..c83de75ee 100644 --- a/phpBB/phpbb/search/fulltext_native.php +++ b/phpBB/phpbb/search/fulltext_native.php @@ -310,6 +310,15 @@ class fulltext_native extends \phpbb\search\base $replace = '$1'; $keywords = preg_replace($match, $replace, $keywords); + // Only allow one wildcard in the search query to limit the database load + $match = '#\*#'; + $replace = '$1'; + $count_wildcards = substr_count($keywords, '*'); + + // Reverse the string to remove all wildcards except the first one + $keywords = strrev(preg_replace($match, $replace, strrev($keywords), $count_wildcards - 1)); + unset($count_wildcards); + // set the search_query which is shown to the user $this->search_query = $keywords;