diff options
| author | Lilli <lilli@janrain.com> | 2010-02-10 10:27:23 -0800 |
|---|---|---|
| committer | Lilli <lilli@janrain.com> | 2010-02-10 10:36:27 -0800 |
| commit | 106832dd5c6d218e57e7ab8f42ed839f0eb432ae (patch) | |
| tree | d1511ebabb17d7f46051bbb9ecfa36b395745cbd /Auth/OpenID | |
| parent | bef5b8d1c81ef54805e1ffa36972b75729d68b64 (diff) | |
| download | php-openid-106832dd5c6d218e57e7ab8f42ed839f0eb432ae.zip php-openid-106832dd5c6d218e57e7ab8f42ed839f0eb432ae.tar.gz php-openid-106832dd5c6d218e57e7ab8f42ed839f0eb432ae.tar.bz2 | |
Added the following patch from the dev@openidenabled.com mailing list:
http://lists.openidenabled.com/pipermail/dev/attachments/20070117/14e9fc7d/attachment.bin
Original Message:
dAniel hAhler dev-list-openidenabled at thequod.de
Wed Jan 17 14:02:44 PST 2007
[PHP-openid] PCRE backtrack error in Auth_OpenID_Parse::parseLinkAttrs() / todo (patch)
"Hi,
I find that the Auth_OpenID_Parse::parseLinkAttrs() method is quite ineffective.
It failed here (silently), because of a PREG_BACKTRACK_LIMIT_ERROR in preg_match() (introduced with PHP 5.2).
The attached patch adds a TODO with an idea of a better/more efficient implementation and a dirty workaround, by disabling this limit.
It seems like the parsing fails if the HTML to get parsed is > 100KB or something similar. The default backtrack limit is 100000.
..."
It should be noted that hunks 1, 4, and 5 out of the patch's 5 were applied successfully, I manually applied hunk 2, and hunk 3 could no longer be applied.
Diffstat (limited to 'Auth/OpenID')
| -rw-r--r-- | Auth/OpenID/Parse.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/Auth/OpenID/Parse.php b/Auth/OpenID/Parse.php index d18eae5..0d2ebef 100644 --- a/Auth/OpenID/Parse.php +++ b/Auth/OpenID/Parse.php @@ -220,6 +220,11 @@ class Auth_OpenID_Parse { * Find all link tags in a string representing a HTML document and * return a list of their attributes. * + * @todo This is quite ineffective and may fail with the default + * pcre.backtrack_limit of 100000 in PHP 5.2, if $html is big. + * It should rather use stripos (in PHP5) or strpos()+strtoupper() + * in PHP4 to manage this. + * * @param string $html The text to parse * @return array $list An array of arrays of attributes, one for each * link tag @@ -244,11 +249,15 @@ class Auth_OpenID_Parse { $stripped = substr($stripped, $html_begin, $html_end - $html_begin); + // Workaround to prevent PREG_BACKTRACK_LIMIT_ERROR: + $old_btlimit = ini_set( 'pcre.backtrack_limit', -1 ); + // Try to find the <HEAD> tag. $head_re = $this->headFind(); $head_matches = array(); if (!preg_match($head_re, $stripped, $head_matches)) { - return array(); + ini_set( 'pcre.backtrack_limit', $old_btlimit ); + return array(); } $link_data = array(); @@ -256,6 +265,7 @@ class Auth_OpenID_Parse { if (!preg_match_all($this->_link_find, $head_matches[0], $link_matches)) { + ini_set( 'pcre.backtrack_limit', $old_btlimit ); return array(); } @@ -273,6 +283,7 @@ class Auth_OpenID_Parse { $link_data[] = $link_attrs; } + ini_set( 'pcre.backtrack_limit', $old_btlimit ); return $link_data; } |