Fix issue 618 by returning the input unaltered in case PCRE still fails
to evaluate it with the expanded backtrack limit.
This commit is contained in:
parent
5f008a14f5
commit
734ddda363
51
src/IDF/Template.php
Normal file
51
src/IDF/Template.php
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
<?php
|
||||||
|
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
||||||
|
/*
|
||||||
|
# ***** BEGIN LICENSE BLOCK *****
|
||||||
|
# This file is part of InDefero, an open source project management application.
|
||||||
|
# Copyright (C) 2011 Céondo Ltd and contributors.
|
||||||
|
#
|
||||||
|
# InDefero is free software; you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation; either version 2 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# InDefero is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this program; if not, write to the Free Software
|
||||||
|
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
#
|
||||||
|
# ***** END LICENSE BLOCK ***** */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* PHP sets the backtrack limit quite low, so some (harder to analyze) regexes may fail
|
||||||
|
* unexpectedly on large inputs or weird cornercases (see issue 618). Unfortunately this
|
||||||
|
* fix does not always work and the execution time gets bigger the bigger we set the limit,
|
||||||
|
* so in case PCRE fails to analyze the input string and preg_replace(_callback) returns NULL,
|
||||||
|
* we at least return the input string unaltered.
|
||||||
|
*
|
||||||
|
* @param $pattern The pattern
|
||||||
|
* @param $mixed Callback or replacement string
|
||||||
|
* @param $input The input
|
||||||
|
* @return The output
|
||||||
|
*/
|
||||||
|
function IDF_Template_safePregReplace($pattern, $mixed, $input)
|
||||||
|
{
|
||||||
|
$pcre_backtrack_limit = ini_get('pcre.backtrack_limit');
|
||||||
|
ini_set('pcre.backtrack_limit', 10000000);
|
||||||
|
|
||||||
|
if (is_string($mixed) && !function_exists($mixed))
|
||||||
|
$output = preg_replace($pattern, $mixed, $input);
|
||||||
|
else
|
||||||
|
$output = preg_replace_callback($pattern, $mixed, $input);
|
||||||
|
|
||||||
|
if ($output === null)
|
||||||
|
$output = $input;
|
||||||
|
|
||||||
|
ini_set('pcre.backtrack_limit', $pcre_backtrack_limit);
|
||||||
|
return $output;
|
||||||
|
}
|
@ -22,6 +22,7 @@
|
|||||||
# ***** END LICENSE BLOCK ***** */
|
# ***** END LICENSE BLOCK ***** */
|
||||||
|
|
||||||
Pluf::loadFunction('Pluf_HTTP_URL_urlForView');
|
Pluf::loadFunction('Pluf_HTTP_URL_urlForView');
|
||||||
|
Pluf::loadFunction('IDF_Template_safePregReplace');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Make the links to issues and commits.
|
* Make the links to issues and commits.
|
||||||
@ -34,36 +35,31 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
|
|||||||
|
|
||||||
function start($text, $request, $echo=true, $wordwrap=true, $esc=true, $autolink=true, $nl2br=false)
|
function start($text, $request, $echo=true, $wordwrap=true, $esc=true, $autolink=true, $nl2br=false)
|
||||||
{
|
{
|
||||||
// PHP sets the backtrack limit quite low, so some regexes may
|
|
||||||
// fail unexpectedly on large inputs or weird cornercases (see issue 618)
|
|
||||||
$pcre_backtrack_limit = ini_get('pcre.backtrack_limit');
|
|
||||||
ini_set('pcre.backtrack_limit', 10000000);
|
|
||||||
|
|
||||||
$this->project = $request->project;
|
$this->project = $request->project;
|
||||||
$this->request = $request;
|
$this->request = $request;
|
||||||
$this->scm = IDF_Scm::get($request->project);
|
$this->scm = IDF_Scm::get($request->project);
|
||||||
if ($esc) $text = Pluf_esc($text);
|
if ($esc) $text = Pluf_esc($text);
|
||||||
if ($autolink) {
|
if ($autolink) {
|
||||||
$text = preg_replace('#([a-z]+://[^\s\(\)]+)#i',
|
$text = IDF_Template_safePregReplace('#([a-z]+://[^\s\(\)]+)#i',
|
||||||
'<a href="\1">\1</a>', $text);
|
'<a href="\1">\1</a>', $text);
|
||||||
}
|
}
|
||||||
if ($request->rights['hasIssuesAccess']) {
|
if ($request->rights['hasIssuesAccess']) {
|
||||||
$text = preg_replace_callback('#((?:issue|bug|ticket)(s)?\s+|\s+\#)(\d+)(\#ic\d+)?(?(2)((?:[, \w]+(?:\s+\#)?)?\d+(?:\#ic\d+)?){0,})#im',
|
$text = IDF_Template_safePregReplace('#((?:issue|bug|ticket)(s)?\s+|\s+\#)(\d+)(\#ic\d+)?(?(2)((?:[, \w]+(?:\s+\#)?)?\d+(?:\#ic\d+)?){0,})#im',
|
||||||
array($this, 'callbackIssues'), $text);
|
array($this, 'callbackIssues'), $text);
|
||||||
}
|
}
|
||||||
if ($request->rights['hasReviewAccess']) {
|
if ($request->rights['hasReviewAccess']) {
|
||||||
$text = preg_replace_callback('#(reviews?\s+)(\d+(?:(?:\s+and|\s+or|,)\s+\d+)*)\b#i',
|
$text = IDF_Template_safePregReplace('#(reviews?\s+)(\d+(?:(?:\s+and|\s+or|,)\s+\d+)*)\b#i',
|
||||||
array($this, 'callbackReviews'), $text);
|
array($this, 'callbackReviews'), $text);
|
||||||
}
|
}
|
||||||
if ($request->rights['hasSourceAccess']) {
|
if ($request->rights['hasSourceAccess']) {
|
||||||
$verbs = array('added', 'fixed', 'reverted', 'changed', 'removed');
|
$verbs = array('added', 'fixed', 'reverted', 'changed', 'removed');
|
||||||
$nouns = array('commit', 'commits', 'revision', 'revisions', 'rev', 'revs');
|
$nouns = array('commit', 'commits', 'revision', 'revisions', 'rev', 'revs');
|
||||||
$prefix = implode(' in|', $verbs).' in' . '|'.
|
$prefix = implode(' in|', $verbs).' in' . '|'.
|
||||||
implode('|', $nouns);
|
implode('|', $nouns);
|
||||||
$text = preg_replace_callback('#((?:'.$prefix.')(?:\s+r?))([0-9a-f]{1,40}((?:\s+and|\s+or|,)\s+r?[0-9a-f]{1,40})*)\b#i',
|
$text = IDF_Template_safePregReplace('#((?:'.$prefix.')(?:\s+r?))([0-9a-f]{1,40}((?:\s+and|\s+or|,)\s+r?[0-9a-f]{1,40})*)\b#i',
|
||||||
array($this, 'callbackCommits'), $text);
|
array($this, 'callbackCommits'), $text);
|
||||||
$text = preg_replace_callback('=(src:)([^\s@#,\(\)\\\\]+(?:(\\\\)[\s@#][^\s@#,\(\)\\\\]+){0,})+(?:\@([^\s#,]+))(?:#(\d+))?=im',
|
$text = IDF_Template_safePregReplace('=(src:)([^\s@#,\(\)\\\\]+(?:(\\\\)[\s@#][^\s@#,\(\)\\\\]+){0,})+(?:\@([^\s#,]+))(?:#(\d+))?=im',
|
||||||
array($this, 'callbackSource'), $text);
|
array($this, 'callbackSource'), $text);
|
||||||
}
|
}
|
||||||
if ($wordwrap) $text = Pluf_Text::wrapHtml($text, 69, "\n");
|
if ($wordwrap) $text = Pluf_Text::wrapHtml($text, 69, "\n");
|
||||||
if ($nl2br) $text = nl2br($text);
|
if ($nl2br) $text = nl2br($text);
|
||||||
@ -72,8 +68,6 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
|
|||||||
} else {
|
} else {
|
||||||
return $text;
|
return $text;
|
||||||
}
|
}
|
||||||
|
|
||||||
ini_set('pcre.backtrack_limit', $pcre_backtrack_limit);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -101,9 +95,9 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
|
|||||||
}
|
}
|
||||||
return $m[0]; // not existing issue.
|
return $m[0]; // not existing issue.
|
||||||
}
|
}
|
||||||
return preg_replace_callback('#(\#)?(\d+)(\#ic\d+)?#',
|
return IDF_Template_safePregReplace('#(\#)?(\d+)(\#ic\d+)?#',
|
||||||
array($this, 'callbackIssue'),
|
array($this, 'callbackIssue'),
|
||||||
$m[0]);
|
$m[0]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -138,7 +132,7 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
|
|||||||
return $m[1].call_user_func(array($this, 'callbackCommit'), array($m[2]));
|
return $m[1].call_user_func(array($this, 'callbackCommit'), array($m[2]));
|
||||||
}
|
}
|
||||||
// Multiple commits like 'commits 6e030e6, a25bfc1 and 3c094f8'.
|
// Multiple commits like 'commits 6e030e6, a25bfc1 and 3c094f8'.
|
||||||
return $m[1].preg_replace_callback('#\b[0-9a-f]{1,40}\b#i', array($this, 'callbackCommit'), $m[2]);
|
return $m[1].IDF_Template_safePregReplace('#\b[0-9a-f]{1,40}\b#i', array($this, 'callbackCommit'), $m[2]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -170,7 +164,7 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
|
|||||||
{
|
{
|
||||||
$keyword = rtrim($m[1]);
|
$keyword = rtrim($m[1]);
|
||||||
if ('reviews' === $keyword) {
|
if ('reviews' === $keyword) {
|
||||||
return $m[1].preg_replace_callback('#\b(\d+)\b#i', array($this, 'callbackReview'), $m[2]);
|
return $m[1].IDF_Template_safePregReplace('#\b(\d+)\b#i', array($this, 'callbackReview'), $m[2]);
|
||||||
} else if ('review' === $keyword) {
|
} else if ('review' === $keyword) {
|
||||||
return $m[1].call_user_func(array($this, 'callbackReview'), array('', $m[2]));
|
return $m[1].call_user_func(array($this, 'callbackReview'), array('', $m[2]));
|
||||||
}
|
}
|
||||||
|
@ -22,6 +22,7 @@
|
|||||||
# ***** END LICENSE BLOCK ***** */
|
# ***** END LICENSE BLOCK ***** */
|
||||||
|
|
||||||
Pluf::loadFunction('Pluf_Text_MarkDown_parse');
|
Pluf::loadFunction('Pluf_Text_MarkDown_parse');
|
||||||
|
Pluf::loadFunction('IDF_Template_safePregReplace');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Make the links to issues and commits.
|
* Make the links to issues and commits.
|
||||||
@ -34,11 +35,6 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
|
|||||||
|
|
||||||
function start($text, $request)
|
function start($text, $request)
|
||||||
{
|
{
|
||||||
// PHP sets the backtrack limit quite low, so some regexes may
|
|
||||||
// fail unexpectedly on large inputs or weird cornercases (see issue 618)
|
|
||||||
$pcre_backtrack_limit = ini_get('pcre.backtrack_limit');
|
|
||||||
ini_set('pcre.backtrack_limit', 10000000);
|
|
||||||
|
|
||||||
$this->project = $request->project;
|
$this->project = $request->project;
|
||||||
$this->request = $request;
|
$this->request = $request;
|
||||||
// Replace like in the issue text
|
// Replace like in the issue text
|
||||||
@ -47,22 +43,20 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
|
|||||||
// Replace [[[path/to/file.mdtext, commit]]] with embedding
|
// Replace [[[path/to/file.mdtext, commit]]] with embedding
|
||||||
// the content of the file into the wki page
|
// the content of the file into the wki page
|
||||||
if ($this->request->rights['hasSourceAccess']) {
|
if ($this->request->rights['hasSourceAccess']) {
|
||||||
$text = preg_replace_callback('#\[\[\[([^\,]+)(?:, ([^/]+))?\]\]\]#im',
|
$text = IDF_Template_safePregReplace('#\[\[\[([^\,]+)(?:, ([^/]+))?\]\]\]#im',
|
||||||
array($this, 'callbackEmbeddedDoc'),
|
array($this, 'callbackEmbeddedDoc'),
|
||||||
$text);
|
$text);
|
||||||
}
|
}
|
||||||
// Replace [Page]([[PageName]]) with corresponding link to the page, with link text being Page.
|
// Replace [Page]([[PageName]]) with corresponding link to the page, with link text being Page.
|
||||||
$text = preg_replace_callback('#\[([^\]]+)\]\(\[\[([A-Za-z0-9\-]+)\]\]\)#im',
|
$text = IDF_Template_safePregReplace('#\[([^\]]+)\]\(\[\[([A-Za-z0-9\-]+)\]\]\)#im',
|
||||||
array($this, 'callbackWikiPage'),
|
array($this, 'callbackWikiPage'),
|
||||||
$text);
|
$text);
|
||||||
// Replace [[PageName]] with corresponding link to the page.
|
// Replace [[PageName]] with corresponding link to the page.
|
||||||
$text = preg_replace_callback('#\[\[([A-Za-z0-9\-]+)\]\]#im',
|
$text = IDF_Template_safePregReplace('#\[\[([A-Za-z0-9\-]+)\]\]#im',
|
||||||
array($this, 'callbackWikiPageNoName'),
|
array($this, 'callbackWikiPageNoName'),
|
||||||
$text);
|
$text);
|
||||||
$filter = new IDF_Template_MarkdownPrefilter();
|
$filter = new IDF_Template_MarkdownPrefilter();
|
||||||
echo $filter->go(Pluf_Text_MarkDown_parse($text));
|
echo $filter->go(Pluf_Text_MarkDown_parse($text));
|
||||||
|
|
||||||
ini_set('pcre.backtrack_limit', $pcre_backtrack_limit);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function callbackWikiPageNoName($m)
|
function callbackWikiPageNoName($m)
|
||||||
|
Loading…
Reference in New Issue
Block a user