Bug #99023
closed
Regular expression is not escaped and causes errors
100%
Description
In ExtensionManagementUtility:
switch ($positionIdentifier) {
case 'after':
case 'before':
if (preg_match('/\\b' . $entityName . '\\b/', $palette['showitem']) > 0 || $entityName === 'palette:' . $paletteName) {
Function parameter $position is set to 'before:--div--;LLL:EXT:frontend/Resources/Private/Language/locallang_ttc.xlf:tabs.media'.
Variable $entityName becomes '--div--;LLL:EXT:frontend/Resources/Private/Language/locallang_ttc.xlf:tabs.media'
Result is an exception:
[ TYPO3\CMS\Core\Error\Exception ] Warning: preg_match(): Unknown modifier 'R' in /var/www/html/html/typo3/sysext/core/Classes/Utility/ExtensionManagementUtility.php line 277
Files
Updated by Dmitry Dulepov over 1 year ago
There is the same unquoted regexp couple of lines below in that function.
Updated by Dmitry Dulepov over 1 year ago
diff --git a/Classes/Utility/ExtensionManagementUtility.php b/Classes/Utility/ExtensionManagementUtility.php
index 629978dce..522399ff4 100644
--- a/Classes/Utility/ExtensionManagementUtility.php
+++ b/Classes/Utility/ExtensionManagementUtility.php
@@ -274,7 +274,7 @@ class ExtensionManagementUtility
switch ($positionIdentifier) {
case 'after':
case 'before':
- if (preg_match('/\\b' . $entityName . '\\b/', $palette['showitem']) > 0 || $entityName === 'palette:' . $paletteName) {
+ if (preg_match('/\\b' . preg_quote($entityName, '/') . '\\b/', $palette['showitem']) > 0 || $entityName === 'palette:' . $paletteName) {
$newPosition = $positionIdentifier . ':--palette--;;' . $paletteName;
}
break;
@@ -284,7 +284,7 @@ class ExtensionManagementUtility
$fieldExists = true;
continue 2;
}
- if (preg_match('/\\b' . $entityName . '\\b/', $palette['showitem']) > 0) {
+ if (preg_match('/\\b' . preg_quote($entityName, '/') . '\\b/', $palette['showitem']) > 0) {
self::addFieldsToPalette($table, $paletteName, $newFieldsString, $position);
// Memorize that we already changed this palette, in case other types also use it
$palettesChanged[$paletteName] = true;
Updated by Anja Leichsenring over 1 year ago
- Related to Bug #98960: Migration from switchable Controller Actions incomplete added
Updated by Gerrit Code Review over 1 year ago
- Status changed from New to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76487
Updated by Gerrit Code Review over 1 year ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76487
Updated by Gerrit Code Review over 1 year ago
Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76487
Updated by
Updated by Gerrit Code Review over 1 year ago
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76488
Updated by Gerrit Code Review over 1 year ago
Patch set 1 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76495
Updated by Oliver Bartsch over 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 9835fda726bd255d5fbcebd5934467cd09246d00.
Updated by