http://www.mediawiki.org/wiki/Special:Code/MediaWiki/89088
Revision: 89088
Author: happy-melon
Date: 2011-05-29 09:32:17 +0000 (Sun, 29 May 2011)
Log Message:
-----------
Rv r84022 for now: crashes PHP on large url strings (bug29197), which is a
nasty DOS vector. Leaving the parser tests in because this should definitely
be fixed and reimplemented...
Modified Paths:
--------------
trunk/phase3/includes/parser/Parser.php
Modified: trunk/phase3/includes/parser/Parser.php
===================================================================
--- trunk/phase3/includes/parser/Parser.php 2011-05-29 07:00:52 UTC (rev
89087)
+++ trunk/phase3/includes/parser/Parser.php 2011-05-29 09:32:17 UTC (rev
89088)
@@ -68,7 +68,7 @@
# Constants needed for external link processing
# Everything except bracket, space, or control characters
- const EXT_LINK_URL_CLASS = '(?:[^\]\[<>"\\x00-\\x20\\x7F]|(?:\[\]))';
+ const EXT_LINK_URL_CLASS = '[^][<>"\\x00-\\x20\\x7F]';
const EXT_IMAGE_REGEX =
'/^(http:\/\/|https:\/\/)([^][<>"\\x00-\\x20\\x7F]+)
\\/([A-Za-z0-9_.,~%\\-+&;#*?!=()@\\x80-\\xFF]+)\\.((?i)gif|png|jpg|jpeg)$/Sx';
@@ -184,7 +184,7 @@
$this->mConf = $conf;
$this->mUrlProtocols = wfUrlProtocols();
$this->mExtLinkBracketedRegex = '/\[(\b(' . wfUrlProtocols() .
')'.
- '(?:[^\]\[<>"\x00-\x20\x7F]|\[\])+)
*([^\]\\x00-\\x08\\x0a-\\x1F]*?)\]/S';
+ '[^][<>"\\x00-\\x20\\x7F]+)
*([^\]\\x00-\\x08\\x0a-\\x1F]*?)\]/S';
if ( isset( $conf['preprocessorClass'] ) ) {
$this->mPreprocessorClass = $conf['preprocessorClass'];
} elseif ( extension_loaded( 'domxml' ) ) {
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
