[cvs] commit: framework/Text_Filter/Filter xss.php
Chuck Hagenbuch
chuck at horde.org
Fri Mar 21 05:17:28 UTC 2008
Yar - nice detective work, anyway...
Quoting Michael M Slusarz <slusarz at horde.org>:
> slusarz 2008-03-21 01:13:27 EDT
>
> Modified files:
> Text_Filter/Filter xss.php
> Log:
> As of PHP 5.2 PHP established a backtrack limit on PCRE expressions. This
> backtrack limit is fairly small (100,000 characters by default), so long
> matching strings could potentially fail. The worst part is, instead of
> returning the original string, preg_* funcs return null and output no
> error messages - you must use the preg_last_error() func (new as of
> PHP 5.2) to determine the issue.
>
> This is a long way of describing the issue seen here with certain HTML
> messages when viewed inline. The check for a body/html tag in the XSS
> filter was doing excessive backtrack if no body/html was found in the
> message. These messages occurred more often in tidy-cleaned messages since
> tidy is configured in IMP to remove body/html tags already. The solution
> (I think): use a once-only subpattern to indicate that the entire tag
> string must be matched and don't do backtracking if not (see the PHP PCRE
> Pattern Syntax page for more information).
>
> This is a useful note for all devs in the future when dealing with a PCRE
> expression that isn't matching anything but returns null. It only took me
> 2 hours to figure this out :(
>
> Revision Changes Path
> 1.13 +2 -2 framework/Text_Filter/Filter/xss.php
>
> Chora Links:
>
> http://cvs.horde.org/diff.php/framework/Text_Filter/Filter/xss.php?r1=1.12&r2=1.13&ty=u
>
-chuck
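
The failure mode and the fix described in the commit log above, as an added PHP example that is not part of the original message or of Horde's code. The two patterns and the sample messages are constructed for illustration (the actual expression in xss.php is not shown on this page), and the backtrack limit is pinned to the 100,000 default quoted in the log.

```php
<?php
// Added illustration; the patterns and sample messages are constructed,
// not taken from Horde's xss.php.

// Pin the limit to the PHP 5.2 default quoted in the commit log so the demo
// behaves the same on newer PHP builds; JIT is switched off for the same reason.
ini_set('pcre.backtrack_limit', '100000');
ini_set('pcre.jit', '0');

// Alternation inside a repeated group: on failure PCRE retries every way of
// splitting a text run between iterations before giving up.
const BACKTRACKING = '/(?:[^<]+|<[^>]*>)*<(?:body|html)[^>]*>/i';
// Same pattern with a once-only (atomic) group: a matched token is never re-split.
const ONCE_ONLY    = '/(?>[^<]+|<[^>]*>)*<(?:body|html)[^>]*>/i';

/**
 * Strip everything up to and including the body/html tag.
 * preg_replace() returns null on engine errors, so the null is turned into
 * an exception instead of being passed on as an empty message.
 */
function strip_wrapper(string $pattern, string $html): string
{
    $out = preg_replace($pattern, '', $html);
    if ($out === null) {
        $code = preg_last_error();
        $why = $code === PREG_BACKTRACK_LIMIT_ERROR ? 'backtrack limit exhausted' : "PCRE error $code";
        throw new RuntimeException($why);
    }
    return $out;
}

$samples = [
    'tidy-cleaned, no body/html' => '<p>Dear customer, your invoice for March is ready</p>',
    'with body/html'             => '<html><body bgcolor="#ffffff"><p>Hi</p></body></html>',
];

foreach (['BACKTRACKING' => BACKTRACKING, 'ONCE_ONLY' => ONCE_ONLY] as $name => $pattern) {
    foreach ($samples as $label => $html) {
        try {
            printf("%-12s | %-26s | %s\n", $name, $label, strip_wrapper($pattern, $html));
        } catch (RuntimeException $e) {
            printf("%-12s | %-26s | FAILED: %s\n", $name, $label, $e->getMessage());
        }
    }
}
```

In a filter, a null from preg_replace() that goes unchecked turns the whole message into an empty string, so the explicit `=== null` test matters as much as the pattern change.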