https://bugzilla.wikimedia.org/show_bug.cgi?id=23108
Summary: SearchHighlighter::highlightSimple() doesn't escape
regex chars in input, leads to PHP errors about
unbalanced ( )
Product: MediaWiki
Version: 1.16-svn
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: Normal
Component: Search
AssignedTo: [email protected]
ReportedBy: [email protected]
Observed the following error message on the WMF cluster:
Apr 9 09:38:58 10.0.2.231 apache2[22312]: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Compilation failed:
missing ) at offset 52 in
/usr/local/apache/common-local/wmf-deployment/includes/search/SearchEngine.php
on line 1212
Apr 9 09:39:06 10.0.2.231 apache2[22312]:last message repeated 102 times
Some quick testing indicates this is very likely to be caused by a literal '('
in the $terms parameter, which is thrown into a regex unescaped.
The attached patch fixes this by escaping regex chars in $terms ; I submitted
it here rather than committing it straight to SVN because I wasn't sure about
the semantics of this function and whether regex chars in $terms being
interpreted was a feature or a bug.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
