summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2011-01-28 17:40:02 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2011-01-28 17:40:02 +0100
commit492c8c668f1edb708e49bcafbacb22c58e2877a5 (patch)
tree6dd29fd3458ca5b6f4bd8a93a69dc14575f75708 /web/html
parentda2ebb667b7a332ddd8d905bf9b9a8694765fed6 (diff)
downloadaur-492c8c668f1edb708e49bcafbacb22c58e2877a5.tar.gz
aur-492c8c668f1edb708e49bcafbacb22c58e2877a5.tar.xz
Avoid infinite loop in PKGBUILD variable parser (fixes FS#19482).
Improves variable substitution in the PKGBUILD parser a bit to avoid infinite replacement loops when a PKGBUILD contains assigments of the form "foo=${foo[@]}bar". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html')
-rw-r--r--web/html/pkgsubmit.php26
1 files changed, 17 insertions, 9 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index c39e2f9e..b15da3ff 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -178,16 +178,24 @@ if ($_COOKIE["AURSID"]):
# Simple variable replacement
$pattern_var = '/\$({?)([_\w]+)(}?)/';
- while (preg_match($pattern_var,$v,$regs)) {
- $pieces = explode(" ",$pkgbuild["$regs[2]"],2);
-
- $pattern = '/\$'.$regs[1].$regs[2].$regs[3].'/';
- if ($regs[2] != $k) {
- $replacement = $pieces[0];
- } else {
- $replacement = "";
+ $offset = 0;
+ while (preg_match($pattern_var, $v, $regs, PREG_OFFSET_CAPTURE, $offset)) {
+ $var = $regs[2][0];
+ $pos = $regs[0][1];
+ $len = strlen($regs[0][0]);
+
+ if (isset($new_pkgbuild[$var])) {
+ $replacement = explode(" ", $new_pkgbuild[$var], 2);
+ }
+ elseif (isset($pkgbuild[$var]) && $var != $k) {
+ $replacement = explode(" ", $pkgbuild[$var], 2);
}
- $v=preg_replace($pattern, $replacement, $v);
+ else {
+ $replacement = '';
+ }
+
+ $v = substr_replace($v, $replacement, $pos, $len);
+ $offset += strlen($replacement);
}
$new_pkgbuild[$k] = $v;
}