Yaron Koren has submitted this change and it was merged.
Change subject: Fix broken regular expression accepting user input
......................................................................
Fix broken regular expression accepting user input
Doesn't seem exploitable, but spews warnings and breaks stuff.
Change-Id: I7fe931f7ba155409a659503e5c69dad382cdd129
---
M includes/SF_FormPrinter.php
1 file changed, 8 insertions(+), 1 deletion(-)
Approvals:
Yaron Koren: Checked; Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/SF_FormPrinter.php b/includes/SF_FormPrinter.php
index 40cc491..024a3d5 100644
--- a/includes/SF_FormPrinter.php
+++ b/includes/SF_FormPrinter.php
@@ -1047,7 +1047,14 @@
}
$equalsSigns = str_pad( '',
$page_section_in_form->getSectionLevel(), '=' );
- $searchStr = '/^' .
$equalsSigns . '[ ]*?' . $section_name . '[ ]*?' . $equalsSigns . '$/m';
+ $searchStr =
+ '/^' .
+ preg_quote(
$equalsSigns, '/' ) .
+ '[ ]*?' .
+ preg_quote(
$section_name, '/' ) .
+ '[ ]*?' .
+ preg_quote(
$equalsSigns, '/' ) .
+ '$/m';
if ( preg_match( $searchStr,
$existing_page_content, $matches, PREG_OFFSET_CAPTURE ) ) {
$section_start_loc =
$matches[0][1];
$header_text =
$matches[0][0];
--
To view, visit https://gerrit.wikimedia.org/r/267069
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I7fe931f7ba155409a659503e5c69dad382cdd129
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/extensions/SemanticForms
Gerrit-Branch: master
Gerrit-Owner: Nikerabbit <[email protected]>
Gerrit-Reviewer: Nikerabbit <[email protected]>
Gerrit-Reviewer: Yaron Koren <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
