diff options
| author | Derky <derky@phpbb.com> | 2019-03-14 21:46:02 +0100 |
|---|---|---|
| committer | Derky <derky@phpbb.com> | 2019-03-14 21:46:02 +0100 |
| commit | 56060caa4c44620929b6e17fe4622343750ad302 (patch) | |
| tree | f7d5ca89e5f7e1bbb221c40a26d93336c4a3b78d /phpBB | |
| parent | df93420bcda29874d27e53001a49ca86154755b1 (diff) | |
| download | forums-56060caa4c44620929b6e17fe4622343750ad302.tar forums-56060caa4c44620929b6e17fe4622343750ad302.tar.gz forums-56060caa4c44620929b6e17fe4622343750ad302.tar.bz2 forums-56060caa4c44620929b6e17fe4622343750ad302.tar.xz forums-56060caa4c44620929b6e17fe4622343750ad302.zip | |
[ticket/security/235] Apply wildcard char count patch
SECURITY-235
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/phpbb/search/fulltext_native.php | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php index 4172e2cc4f..9a6d62f9d8 100644 --- a/phpBB/phpbb/search/fulltext_native.php +++ b/phpBB/phpbb/search/fulltext_native.php @@ -190,7 +190,7 @@ class fulltext_native extends \phpbb\search\base */ public function split_keywords($keywords, $terms) { - $tokens = '+-|()*'; + $tokens = '+-|()* '; $keywords = trim($this->cleanup($keywords, $tokens)); @@ -224,12 +224,10 @@ class fulltext_native extends \phpbb\search\base $keywords[$i] = '|'; break; case '*': - if ($i === 0 || ($keywords[$i - 1] !== '*' && strcspn($keywords[$i - 1], $tokens) === 0)) + // $i can never be 0 here since $open_bracket is initialised to false + if (strpos($tokens, $keywords[$i - 1]) !== false && ($i + 1 === $n || strpos($tokens, $keywords[$i + 1]) !== false)) { - if ($i === $n - 1 || ($keywords[$i + 1] !== '*' && strcspn($keywords[$i + 1], $tokens) === 0)) - { - $keywords = substr($keywords, 0, $i) . substr($keywords, $i + 1); - } + $keywords[$i] = '|'; } break; } @@ -264,7 +262,7 @@ class fulltext_native extends \phpbb\search\base } } - if ($open_bracket) + if ($open_bracket !== false) { $keywords .= ')'; } @@ -409,8 +407,16 @@ class fulltext_native extends \phpbb\search\base { if (strpos($word_part, '*') !== false) { - $id_words[] = '\'' . $this->db->sql_escape(str_replace('*', '%', $word_part)) . '\''; - $non_common_words[] = $word_part; + $len = utf8_strlen(str_replace('*', '', $word_part)); + if ($len >= $this->word_length['min'] && $len <= $this->word_length['max']) + { + $id_words[] = '\'' . $this->db->sql_escape(str_replace('*', '%', $word_part)) . '\''; + $non_common_words[] = $word_part; + } + else + { + $this->common_words[] = $word_part; + } } else if (isset($words[$word_part])) { |