[MediaWiki-commits] [Gerrit] Do not crash on invalid codepoint references in style attrib... - change (mediawiki/core)

Fri, 04 Oct 2013 19:25:05 -0700 

Lambdafu has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/87648


Change subject: Do not crash on invalid codepoint references in style 
attributes.
......................................................................

Do not crash on invalid codepoint references in style attributes.

An invalid codepoint reference causes the parser to crash with a
fatal error:
"Asked for code outside of range (1114112)"

The patch validates the codepoint and substitutes invalid ones
with a replacement character.

As a side note, maybe style attributes should be normalized
after processing, but that's a separate issue.

Change-Id: I3fa8fe33f7acb68f357a5726f2de5140b0f7153d
---
M includes/Sanitizer.php
M tests/parser/parserTests.txt
2 files changed, 10 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/48/87648/1

diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index 499d821..dfeb18e 100644
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -903,7 +903,7 @@
                        // Line continuation
                        return '';
                } elseif ( $matches[2] !== '' ) {
-                       $char = codepointToUtf8( hexdec( $matches[2] ) );
+                       $char = Sanitizer::decodeChar( hexdec( $matches[2] ) );
                } elseif ( $matches[3] !== '' ) {
                        $char = $matches[3];
                } else {
diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt
index 3266b16..aafd246 100644
--- a/tests/parser/parserTests.txt
+++ b/tests/parser/parserTests.txt
@@ -11606,6 +11606,15 @@
 
 !! end
 
+!! test
+De-escaping CSS character references.
+!! input
+<span style="\110000">x</span>
+!! result
+<p><span style="�">x</span>
+</p>
+!! end
+
 #
 #
 #

-- 
To view, visit https://gerrit.wikimedia.org/r/87648
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I3fa8fe33f7acb68f357a5726f2de5140b0f7153d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Lambdafu <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to