head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.4
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.2
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2012Q1:1.1.0.4
	pkgsrc-2012Q1-base:1.1
	pkgsrc-2011Q4:1.1.0.2
	pkgsrc-2011Q4-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2012.06.07.21.46.55;	author ryoon;	state dead;
branches;
next	1.1;

1.1
date	2011.12.26.19.05.32;	author ryoon;	state Exp;
branches;
next	;


desc
@@


1.2
log
@patch-lib_wiki-plugins_wikiplugin__snarf.php is not needed anymore.
@
text
@$NetBSD: patch-lib_wiki-plugins_wikiplugin__snarf.php,v 1.1 2011/12/26 19:05:32 ryoon Exp $

* Fix security bug, http://dev.tiki.org/item4059 .

--- lib/wiki-plugins/wikiplugin_snarf.php.orig	2011-07-14 22:36:39.000000000 +0000
+++ lib/wiki-plugins/wikiplugin_snarf.php
@@@@ -178,8 +178,13 @@@@ function wikiplugin_snarf($data, $params
 	}
 
 	// If the user specified a more specialized regex
-	if ( isset($params['regex']) && isset($params['regexres']) && preg_match('/^(.)(.)+\1[^e]*$/', $params['regex']) ) {
-		$snarf = preg_replace( $params['regex'], $params['regexres'], $snarf );
+	if (isset($params['regex']) && isset($params['regexres'])) { 
+		// fixes http://dev.tiki.org/item4059
+		$params['regex'] = str_replace("\0", "", $params['regex']);
+		
+		if (preg_match('/^(.)(.)+\1[^e]*$/', $params['regex'])) {
+			$snarf = preg_replace($params['regex'], $params['regexres'], $snarf);
+		}
 	}
 
 	if ( $data == '' ) $data = NULL;
@


1.1
log
@Fix security bug, http://dev.tiki.org/item4059, patch from upstream SVN.
Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@