Fix for issues 877 & 885 related to a bug in PCRE 6.6

author: Christopher Smith <chris@jalakai.co.uk> 2014-10-03 17:41:14 +0100
committer: Christopher Smith <chris@jalakai.co.uk> 2014-10-03 17:41:14 +0100
commit: 6c8c1f4632a82459236200e9264c40ecebd4b162 (patch)
tree: 86a45ca5f8d37ef73533a9c37147d8976f9dfa33 /lib/plugins
parent: 57271d078b9c433bec79d75cb44dadcafeae07df (diff)
download: rpg-6c8c1f4632a82459236200e9264c40ecebd4b162.tar.gz
rpg-6c8c1f4632a82459236200e9264c40ecebd4b162.tar.bz2
2 files changed, 70 insertions, 4 deletions
diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php
index cd5294157..5a5f67c82 100644
--- a/lib/plugins/authplain/_test/escaping.test.php
+++ b/lib/plugins/authplain/_test/escaping.test.php
@@ -13,12 +13,12 @@
  */
 class helper_plugin_authplain_escaping_test extends DokuWikiTest {
  
-    protected $pluginsEnabled = array('authplain');
+    protected $pluginsEnabled = array('authplainharness');
     protected $auth;
  
     protected function reloadUsers() {
         /* auth caches data loaded from file, but recreated object forces reload */
-        $this->auth = new auth_plugin_authplain();
+        $this->auth = new auth_plugin_authplainharness();
     }
 
     function setUp() {
@@ -76,7 +76,44 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest {
         $this->assertEquals($saved['name'], $user['name']);
         $this->assertTrue($this->auth->checkPass("testuser", $user['pass']));
     }
+
+    // really only required for developers to ensure this plugin will
+    // work with systems running on PCRE 6.6 and lower.
+    public function testLineSplit(){
+        $this->auth->setPregsplit_safe(false);
+
+        $names = array(
+          'plain',
+          'ut-fठ8',
+          'colon:',
+          'backslash\\',
+          'alltogether\\ठ:'
+        );
+        $userpass = 'user:password_hash:';
+        $other_user_data = ':email@address:group1,group2';
+
+        foreach ($names as $testname) {
+            $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname);   // escape : & \
+            $test_line = $userpass.$escaped.$other_user_data;
+            $result = $this->auth->splitUserData($test_line);
+
+            $this->assertEquals($testname, $result[2]);
+        }
+    }
     
 }
 
-?>
-\ No newline at end of file
+class auth_plugin_authplainharness extends auth_plugin_authplain {
+
+    public function setPregsplit_safe($bool) {
+        $this->_pregsplit_safe = $bool;
+    }
+
+    public function getPregsplit_safe(){
+        return $this->_pregsplit_safe;
+    }
+
+    public function splitUserData($line){
+        return $this->_splitUserData($line);
+    }
+}
+\ No newline at end of file
diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php
index b3ca988b9..ec5d16e9d 100644
--- a/lib/plugins/authplain/auth.php
+++ b/lib/plugins/authplain/auth.php
@@ -17,6 +17,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
     /** @var array filter pattern */
     protected $_pattern = array();
 
+    /** @var bool safe version of preg_split */
+    protected $_pregsplit_safe = false;
+
     /**
      * Constructor
      *
@@ -44,6 +47,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
             $this->cando['getUsers']     = true;
             $this->cando['getUserCount'] = true;
         }
+
+        $this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>=');
     }
 
     /**
@@ -329,7 +334,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
             if(empty($line)) continue;
 
             /* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */
-            $row = preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5); // allow for : escaped as \:
+            $row = $this->_splitUserData($line);
             $row = str_replace('\\:', ':', $row);
             $row = str_replace('\\\\', '\\', $row);
 
@@ -342,6 +347,30 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
         }
     }
 
+    protected function _splitUserData($line){
+        // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here
+        // refer github issues 877 & 885
+        if ($this->_pregsplit_safe){
+            return preg_split('/(?<![^\\\\]\\\\)\:/', $line, 5);       // allow for : escaped as \:
+        }
+
+        $row = array();
+        $piece = '';
+        for($i=0; $i<strlen($line); $i++){
+            if ($line[$i]=='\\'){
+                $i++;
+            } else if ($line[$i]==':'){
+                $row[] = $piece;
+                $piece = '';
+                continue;
+            }
+            $piece .= $line[$i];
+        }
+        $row[] = $piece;
+
+        return $row;
+    }
+
     /**
      * return true if $user + $info match $filter criteria, false otherwise
      *
author	Christopher Smith <chris@jalakai.co.uk>	2014-10-03 17:41:14 +0100
committer	Christopher Smith <chris@jalakai.co.uk>	2014-10-03 17:41:14 +0100
commit	6c8c1f4632a82459236200e9264c40ecebd4b162 (patch)
tree	86a45ca5f8d37ef73533a9c37147d8976f9dfa33 /lib/plugins
parent	57271d078b9c433bec79d75cb44dadcafeae07df (diff)
download	rpg-6c8c1f4632a82459236200e9264c40ecebd4b162.tar.gz rpg-6c8c1f4632a82459236200e9264c40ecebd4b162.tar.bz2