From 56bd9509ab2037512829392fda6427af7f390724 Mon Sep 17 00:00:00 2001
From: Phy <git@phy25.com>
Date: Thu, 17 Aug 2017 08:30:48 +0800
Subject: [PATCH] Fix sanitation of $language for code highlighting (fixes
 #2080)

---
 inc/parser/code.php     | 1 +
 inc/parser/renderer.php | 6 ++++++
 inc/parser/xhtml.php    | 2 ++
 3 files changed, 9 insertions(+)

diff --git a/inc/parser/code.php b/inc/parser/code.php
index fe93273e5..f91f1d228 100644
--- a/inc/parser/code.php
+++ b/inc/parser/code.php
@@ -21,6 +21,7 @@ class Doku_Renderer_code extends Doku_Renderer {
     function code($text, $language = null, $filename = '') {
         global $INPUT;
         if(!$language) $language = 'txt';
+        $language = preg_replace(PREG_PATTERN_VALID_LANGUAGE, '', $language);
         if(!$filename) $filename = 'snippet.'.$language;
         $filename = utf8_basename($filename);
         $filename = utf8_stripspecials($filename, '_');
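Review bot: The `txt` fallback on the line above the added `preg_replace` runs before the strip, so a `$language` made up only of disallowed characters comes out as an empty string and the default filename becomes `snippet.` with no extension. Stripping first and defaulting afterwards closes that gap: `$language = preg_replace(PREG_PATTERN_VALID_LANGUAGE, '', $language);` followed by `if(!$language) $language = 'txt';`. The rest of `code()` lies outside the hunk, so any later use of `$language` there should be checked against the empty case as well.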
diff --git a/inc/parser/renderer.php b/inc/parser/renderer.php
index 8bf3f5644..13deac29c 100644
--- a/inc/parser/renderer.php
+++ b/inc/parser/renderer.php
@@ -7,6 +7,12 @@
  */
 if(!defined('DOKU_INC')) die('meh.');
 
+/**
+ * Allowed chars in $language for code highlighting
+ * @see GeSHi::set_language()
+ */
+define('PREG_PATTERN_VALID_LANGUAGE', '#[^a-zA-Z0-9\-_]#');
+
 /**
  * An empty renderer, produces no output
  *
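Review bot: The constant's name and docblock say "valid" and "allowed", but the pattern is a negated character class that matches the characters to be removed, so a later caller who uses it with `preg_match` as an allow-check would get the inverse of what the name promises. The docblock should state this, for example `Matches every character that is NOT allowed in $language; pass it to preg_replace() to strip them`. The `PREG_` prefix is also the one PHP uses for its own PCRE constants such as `PREG_PATTERN_ORDER`, so a project-specific prefix would read less like a built-in.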
diff --git a/inc/parser/xhtml.php b/inc/parser/xhtml.php
index 1a7a5a7d0..8d2a623b1 100644
--- a/inc/parser/xhtml.php
+++ b/inc/parser/xhtml.php
@@ -630,6 +630,8 @@ class Doku_Renderer_xhtml extends Doku_Renderer {
         global $ID;
         global $lang;
 
+        $language = preg_replace(PREG_PATTERN_VALID_LANGUAGE, '', $language);
+
         if($filename) {
             // add icon
             list($ext) = mimetype($filename, false);
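Review bot: `preg_replace` returns a string, so a `$language` that arrives as null, or one that consists only of disallowed characters, becomes `''` at the added line. The function's signature and its later use of `$language` are outside the hunk, so it should be confirmed that the no-highlighting branch tests for emptiness rather than `is_null($language)`. If it tests for null, a guard such as `if($language !== null) $language = preg_replace(PREG_PATTERN_VALID_LANGUAGE, '', $language);` keeps the previous behaviour for the null case. The same strip is now repeated in two renderers; a comment on the base renderer stating that `$language` comes from wiki markup and must be stripped before output would help renderers this patch does not touch.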
-- 
GitLab