From 0fa076cfb7e3793c9de9e767b95ed9653033b622 Mon Sep 17 00:00:00 2001
From: Darryl Norris <admin@darrylnorris.com>
Date: Tue, 30 Jun 2015 08:54:35 -0500
Subject: [PATCH]  #2508735:Code injection via preg_replace(), combining
 comment

---
 core/lib/Drupal/Core/Block/BlockBase.php                          | 7 +------
 core/modules/image/src/PathProcessor/PathProcessorImageStyles.php | 2 +-
 core/modules/system/src/MachineNameController.php                 | 2 +-
 3 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/core/lib/Drupal/Core/Block/BlockBase.php b/core/lib/Drupal/Core/Block/BlockBase.php
index 262fd0c..fe31b48 100644
--- a/core/lib/Drupal/Core/Block/BlockBase.php
+++ b/core/lib/Drupal/Core/Block/BlockBase.php
@@ -265,14 +265,9 @@ public function getMachineNameSuggestion() {
     //   \Drupal\system\MachineNameController::transliterate(), so it might make
     //   sense to provide a common service for the two.
     $transliterated = $this->transliteration()->transliterate($admin_label, LanguageInterface::LANGCODE_DEFAULT, '_');
-
-    $replace_pattern = '[^a-z0-9_.]+';
-
     $transliterated = Unicode::strtolower($transliterated);
 
-    if (isset($replace_pattern)) {
-      $transliterated = preg_replace('@' . $replace_pattern . '@', '', $transliterated);
-    }
+    $transliterated = preg_replace('@[^a-z0-9_.]+@', '', $transliterated);
 
     return $transliterated;
   }
diff --git a/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php b/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
index c723860..58cbe75 100644
--- a/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
+++ b/core/modules/image/src/PathProcessor/PathProcessorImageStyles.php
@@ -43,7 +43,7 @@ public function processInbound($path, Request $request) {
     }
 
     // Strip out path prefix.
-    $rest = preg_replace('|^' . $path_prefix . '|', '', $path);
+    $rest = preg_replace('|^' . preg_quote($path_prefix, '|') . '|', '', $path);
 
     // Get the image style, scheme and path.
     if (substr_count($rest, '/') >= 2) {
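Review bot: With `preg_quote($path_prefix, '|')` the pattern on the changed line is an anchored literal, so a regex is no longer needed to strip the prefix. A plain string check such as `$rest = strpos($path, $path_prefix) === 0 ? substr($path, strlen($path_prefix)) : $path;` avoids building a pattern from a variable at all, and avoids the `null` that `preg_replace()` returns on error. If the regex form is kept, a short comment like `// $path_prefix is matched literally; quote it so metacharacters in the prefix cannot alter the pattern.` would record why the quoting is there. processInbound() starts before and continues after this hunk, so whether an earlier check already guarantees the prefix is present cannot be seen here.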
diff --git a/core/modules/system/src/MachineNameController.php b/core/modules/system/src/MachineNameController.php
index 51085cd..9f4b572 100644
--- a/core/modules/system/src/MachineNameController.php
+++ b/core/modules/system/src/MachineNameController.php
@@ -67,7 +67,7 @@ public function transliterate(Request $request) {
       $transliterated = Unicode::strtolower($transliterated);
     }
     if(isset($replace_pattern) && isset($replace)) {
-      $transliterated = preg_replace('@' . $replace_pattern . '@', $replace, $transliterated);
+      $transliterated = preg_replace('@' . preg_quote($replace_pattern, '@') . '@', $replace, $transliterated);
     }
     return new JsonResponse($transliterated);
   }
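Review bot: `preg_quote($replace_pattern, '@')` on the changed line makes the whole pattern a literal, so a character-class pattern like the `[^a-z0-9_.]+` seen in BlockBase.php would stop matching and disallowed characters would reach the JSON response unstripped. If the intent is only to keep the value from terminating the `@` delimiter, escape that one character instead, e.g. `str_replace('@', '\@', $replace_pattern)`, and also handle a value that already has a backslash in front of `@`. Where `$replace_pattern` is assigned is outside the hunk; if it comes from the request it remains a caller-chosen regex, so validating it server-side (a signed token or an allow-list of known patterns) is worth considering. `preg_replace()` returns `null` on a bad pattern, and that value would be handed to `JsonResponse` unchanged.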
-- 
2.3.2 (Apple Git-55)

