Merge pull request #886 from splitbrain/chris_pcre66_bug

Fix for issues #877 & #885 related to a bug in PCRE 6.6
author: Christopher Smith <chris@jalakai.co.uk> 2014-10-07 15:51:12 +0100
committer: Christopher Smith <chris@jalakai.co.uk> 2014-10-07 15:51:12 +0100
commit: 1d27290af0f722f4b3c1dae466552706b02c97b1 (patch)
tree: 3eb41393b03e5ff1a8add7aba2849e33dee2a5f0
parent: 60aca4b904310fc764389d058c23e7b978b513a3 (diff)
parent: 9d846ff4e2a1d18faa3ce6df15f89425d194dd06 (diff)
download: rpg-1d27290af0f722f4b3c1dae466552706b02c97b1.tar.gz
rpg-1d27290af0f722f4b3c1dae466552706b02c97b1.tar.bz2
2 files changed, 73 insertions, 4 deletions
diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php
index cd5294157..cbfbbc587 100644
--- a/lib/plugins/authplain/_test/escaping.test.php
+++ b/lib/plugins/authplain/_test/escaping.test.php
@@ -13,12 +13,12 @@
  */
 class helper_plugin_authplain_escaping_test extends DokuWikiTest {
  
-    protected $pluginsEnabled = array('authplain');
+    protected $pluginsEnabled = array('authplainharness');
     protected $auth;
  
     protected function reloadUsers() {
         /* auth caches data loaded from file, but recreated object forces reload */
-        $this->auth = new auth_plugin_authplain();
+        $this->auth = new auth_plugin_authplainharness();
     }
 
     function setUp() {
@@ -76,7 +76,44 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest {
         $this->assertEquals($saved['name'], $user['name']);
         $this->assertTrue($this->auth->checkPass("testuser", $user['pass']));
     }
+
+    // really only required for developers to ensure this plugin will
+    // work with systems running on PCRE 6.6 and lower.
+    public function testLineSplit(){
+        $this->auth->setPregsplit_safe(false);
+
+        $names = array(
+          'plain',
+          'ut-fठ8',
+          'colon:',
+          'backslash\\',
+          'alltogether\\ठ:'
+        );
+        $userpass = 'user:password_hash:';
+        $other_user_data = ':email@address:group1,group2';
+
+        foreach ($names as $testname) {
+            $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname);   // escape : & \
+            $test_line = $userpass.$escaped.$other_user_data;
+            $result = $this->auth->splitUserData($test_line);
+
+            $this->assertEquals($escaped, $result[2]);
+        }
+    }
     
 }
 
-?>
-\ No newline at end of file
+class auth_plugin_authplainharness extends auth_plugin_authplain {
+
+    public function setPregsplit_safe($bool) {
+        $this->_pregsplit_safe = $bool;
+    }
+
+    public function getPregsplit_safe(){
+        return $this->_pregsplit_safe;
+    }
+
+    public function splitUserData($line){
+        return $this->_splitUserData($line);
+    }
+}
+\ No newline at end of file
diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php
index b3ca988b9..3d303597c 100644
--- a/lib/plugins/authplain/auth.php
+++ b/lib/plugins/authplain/auth.php
@@ -17,6 +17,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
     /** @var array filter pattern */
     protected $_pattern = array();
 
+    /** @var bool safe version of preg_split */
+    protected $_pregsplit_safe = false;
+
     /**
      * Constructor
      *
@@ -44,6 +47,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
             $this->cando['getUsers']     = true;
             $this->cando['getUserCount'] = true;
         }
+
+        $this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>=');
     }
 
     /**
@@ -329,7 +334,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
             if(empty($line)) continue;
 
             /* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */
-            $row = preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5); // allow for : escaped as \:
+            $row = $this->_splitUserData($line);
             $row = str_replace('\\:', ':', $row);
             $row = str_replace('\\\\', '\\', $row);
 
@@ -342,6 +347,33 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
         }
     }
 
+    protected function _splitUserData($line){
+        // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here
+        // refer github issues 877 & 885
+        if ($this->_pregsplit_safe){
+            return preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5);       // allow for : escaped as \:
+        }
+
+        $row = array();
+        $piece = '';
+        $len = strlen($line);
+        for($i=0; $i<$len; $i++){
+            if ($line[$i]=='\\'){
+                $piece .= $line[$i];
+                $i++;
+                if ($i>=$len) break;
+            } else if ($line[$i]==':'){
+                $row[] = $piece;
+                $piece = '';
+                continue;
+            }
+            $piece .= $line[$i];
+        }
+        $row[] = $piece;
+
+        return $row;
+    }
+
     /**
      * return true if $user + $info match $filter criteria, false otherwise
      *
author	Christopher Smith <chris@jalakai.co.uk>	2014-10-07 15:51:12 +0100
committer	Christopher Smith <chris@jalakai.co.uk>	2014-10-07 15:51:12 +0100
commit	1d27290af0f722f4b3c1dae466552706b02c97b1 (patch)
tree	3eb41393b03e5ff1a8add7aba2849e33dee2a5f0
parent	60aca4b904310fc764389d058c23e7b978b513a3 (diff)
parent	9d846ff4e2a1d18faa3ce6df15f89425d194dd06 (diff)
download	rpg-1d27290af0f722f4b3c1dae466552706b02c97b1.tar.gz rpg-1d27290af0f722f4b3c1dae466552706b02c97b1.tar.bz2