authorKevin Morssink <contact@kevinmorssink.nl>2015-08-04 19:05:46 +0200
committerAndrey Andreev <narf@devilix.net>2015-08-07 12:24:22 +0200
commit36bd3413be0807fe358d87856b3a2f42047764fd (patch)
tree189aabec8c693b3a0bd78c3c5c886196886685b2
parent4e5ff1f7f8c1897526e9362fdcf7b574c1b3cdf9 (diff)
Fix ReDoS-bug in string_helper.php
Fix for ReDoS (Regular Expression Denial of Service) / Code Injection Risk
-rw-r--r--system/helpers/string_helper.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php
index 5860e15fb..28e6ab15f 100644
--- a/system/helpers/string_helper.php
+++ b/system/helpers/string_helper.php
@@ -253,7 +253,7 @@ if ( ! function_exists('increment_string'))
*/
function increment_string($str, $separator = '_', $first = 1)
{
- preg_match('/(.+)'.$separator.'([0-9]+)$/', $str, $match);
+ preg_match('/(.+)' . preg_quote($separator) . '([0-9]+)$/', $str, $match);
return isset($match[2]) ? $match[1].$separator.($match[2] + 1) : $str.$separator.$first;
}
}
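Review bot: The new `preg_quote($separator)` call omits the delimiter argument, so a `/` inside `$separator` is still left unescaped and ends the `/…/` pattern early. Whatever follows that slash is then read as pattern modifiers, so the caller-controlled separator can still alter or break the expression, which is the case this commit sets out to close. Passing the delimiter fixes it: `preg_match('/(.+)'.preg_quote($separator, '/').'([0-9]+)$/', $str, $match);` (written without spaces around `.` to match the concatenation style on the following `return` line). The return value of `preg_match()` is also not checked, so a pattern that fails to compile falls through silently to the `$str.$separator.$first` branch. The enclosing `if ( ! function_exists('increment_string'))` block opens outside this hunk.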