Skip to content
Snippets Groups Projects
Commit 1d27290a authored by Christopher Smith's avatar Christopher Smith
Browse files

Merge pull request #886 from splitbrain/chris_pcre66_bug 

Fix for issues #877 & #885 related to a bug in PCRE 6.6
parents 60aca4b9 9d846ff4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/plugins/authplain/_test/escaping.test.php
+ 40
3
View file @ 1d27290a
......@@ -13,12 +13,12 @@
*/
class helper_plugin_authplain_escaping_test extends DokuWikiTest {
protected $pluginsEnabled = array('authplain');
protected $pluginsEnabled = array('authplainharness');
protected $auth;
protected function reloadUsers() {
/* auth caches data loaded from file, but recreated object forces reload */
$this->auth = new auth_plugin_authplain();
$this->auth = new auth_plugin_authplainharness();
}
function setUp() {
......@@ -76,7 +76,44 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest {
$this->assertEquals($saved['name'], $user['name']);
$this->assertTrue($this->auth->checkPass("testuser", $user['pass']));
}
// really only required for developers to ensure this plugin will
// work with systems running on PCRE 6.6 and lower.
public function testLineSplit(){
$this->auth->setPregsplit_safe(false);
$names = array(
'plain',
'ut-fठ8',
'colon:',
'backslash\\',
'alltogether\\ठ:'
);
$userpass = 'user:password_hash:';
$other_user_data = ':email@address:group1,group2';
foreach ($names as $testname) {
$escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \
$test_line = $userpass.$escaped.$other_user_data;
$result = $this->auth->splitUserData($test_line);
$this->assertEquals($escaped, $result[2]);
}
}
}
?>
\ No newline at end of file
class auth_plugin_authplainharness extends auth_plugin_authplain {
public function setPregsplit_safe($bool) {
$this->_pregsplit_safe = $bool;
}
public function getPregsplit_safe(){
return $this->_pregsplit_safe;
}
public function splitUserData($line){
return $this->_splitUserData($line);
}
}
\ No newline at end of file
lib/plugins/authplain/auth.php
+ 33
1
View file @ 1d27290a
......@@ -17,6 +17,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
/** @var array filter pattern */
protected $_pattern = array();
/** @var bool safe version of preg_split */
protected $_pregsplit_safe = false;
/**
* Constructor
*
......@@ -44,6 +47,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
$this->cando['getUsers'] = true;
$this->cando['getUserCount'] = true;
}
$this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>=');
}
/**
......@@ -329,7 +334,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
if(empty($line)) continue;
/* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */
$row = preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5); // allow for : escaped as \:
$row = $this->_splitUserData($line);
$row = str_replace('\\:', ':', $row);
$row = str_replace('\\\\', '\\', $row);
......@@ -342,6 +347,33 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
}
}
protected function _splitUserData($line){
// due to a bug in PCRE 6.6, preg_split will fail with the regex we use here
// refer github issues 877 & 885
if ($this->_pregsplit_safe){
return preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5); // allow for : escaped as \:
}
$row = array();
$piece = '';
$len = strlen($line);
for($i=0; $i<$len; $i++){
if ($line[$i]=='\\'){
$piece .= $line[$i];
$i++;
if ($i>=$len) break;
} else if ($line[$i]==':'){
$row[] = $piece;
$piece = '';
continue;
}
$piece .= $line[$i];
}
$row[] = $piece;
return $row;
}
/**
* return true if $user + $info match $filter criteria, false otherwise
*
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment