From 6c23e6d33a6053ebfbf6d27a4750dd337ee0e567 Mon Sep 17 00:00:00 2001
From: Darryl Norris <admin@darrylnorris.com>
Date: Tue, 30 Jun 2015 07:52:05 -0500
Subject: [PATCH] #2508735: Code injection via preg_replace(), combining comments
 #7 and #19.

---
 core/lib/Drupal/Core/Block/BlockBase.php                          | 7 +------
 core/modules/image/src/PathProcessor/PathProcessorImageStyles.php | 2 +-
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/core/lib/Drupal/Core/Block/BlockBase.php b/core/lib/Drupal/Core/Block/BlockBase.php
index 262fd0c..d8054d6 100644
--- a/core/lib/Drupal/Core/Block/BlockBase.php
+++ b/core/lib/Drupal/Core/Block/BlockBase.php
@@ -265,14 +265,9 @@ public function getMachineNameSuggestion() {
     //   \Drupal\system\MachineNameController::transliterate(), so it might make
     //   sense to provide a common service for the two.
     $transliterated = $this->transliteration()->transliterate($admin_label, LanguageInterface::LANGCODE_DEFAULT, '_');
-
-    $replace_pattern = '[^a-z0-9_.]+';
-
     $transliterated = Unicode::strtolower($transliterated);
 
-    if (isset($replace_pattern)) {
-      $transliterated = preg_replace('@' . $replace_pattern . '@', '', $transliterated);
-    }
+    $transliterated = preg_replace('@' . preg_quote($replace_pattern, '@') . '@', $replace, $transliterated);
 
     return $transliterated;
   }
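Review bot: The added preg_replace() call references `$replace_pattern` and `$replace`, but this hunk deletes the only assignment of `$replace_pattern` and never defines `$replace`, so both are undefined at that point: PHP raises notices, the pattern collapses to `'@@'` with a null replacement, and `$transliterated` is returned essentially unfiltered. Even with the variable restored, wrapping `[^a-z0-9_.]+` in preg_quote() would be wrong, because it escapes the brackets and turns the character class into a literal string, so the machine-name cleanup would stop stripping invalid characters. The pattern here is a fixed literal inside the method rather than data from outside it, so quoting is not needed; write it inline as `$transliterated = preg_replace('@[^a-z0-9_.]+@', '', $transliterated);` and drop the dead `isset()` branch as the commit already does. getMachineNameSuggestion() starts before this hunk.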
diff --git a/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php b/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
index c723860..58cbe75 100644
--- a/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
+++ b/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
@@ -43,7 +43,7 @@ public function processInbound($path, Request $request) {
     }
 
     // Strip out path prefix.
-    $rest = preg_replace('|^' . $path_prefix . '|', '', $path);
+    $rest = preg_replace('|^' . preg_quote($path_prefix, '|') . '|', '', $path);
 
     // Get the image style, scheme and path.
     if (substr_count($rest, '/') >= 2) {
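Review bot: The preg_quote() on the added line is the right fix, but once the prefix is matched as an anchored literal the regex adds nothing over a plain string operation. If the code above the hunk guarantees that `$path_prefix` is a prefix of `$path` (the branch closing at the hunk's first line appears to lead straight into "Strip out path prefix", but that logic is outside the hunk and should be confirmed), `$rest = substr($path, strlen($path_prefix));` is clearer, needs no escaping at all, and cannot yield the null that preg_replace() returns on a PCRE error. If that guarantee does not hold, keep the regex form as committed, since it leaves `$path` unchanged on a non-match. processInbound() starts and ends outside this hunk.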
-- 
2.3.2 (Apple Git-55)

