From 16ea3e3f822424e19f150ee841c050f3eb688de5 Mon Sep 17 00:00:00 2001
From: Happy-melon <happy-melon@users.mediawiki.org>
Date: Sun, 29 May 2011 09:32:17 +0000
Subject: [PATCH] Rv r84022 for now: crashes PHP on large url strings
 (bug29197), which is a nasty DOS vector.  Leaving the parser tests in because
 this should definitely be fixed and reimplemented...

---
 includes/parser/Parser.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/includes/parser/Parser.php b/includes/parser/Parser.php
index 0d60f9c89d..74480b68f4 100644
--- a/includes/parser/Parser.php
+++ b/includes/parser/Parser.php
@@ -68,7 +68,7 @@ class Parser {
 
 	# Constants needed for external link processing
 	# Everything except bracket, space, or control characters
-	const EXT_LINK_URL_CLASS = '(?:[^\]\[<>"\\x00-\\x20\\x7F]|(?:\[\]))';
+	const EXT_LINK_URL_CLASS = '[^][<>"\\x00-\\x20\\x7F]';
 	const EXT_IMAGE_REGEX = '/^(http:\/\/|https:\/\/)([^][<>"\\x00-\\x20\\x7F]+)
 		\\/([A-Za-z0-9_.,~%\\-+&;#*?!=()@\\x80-\\xFF]+)\\.((?i)gif|png|jpg|jpeg)$/Sx';
 
@@ -184,7 +184,7 @@ class Parser {
 		$this->mConf = $conf;
 		$this->mUrlProtocols = wfUrlProtocols();
 		$this->mExtLinkBracketedRegex = '/\[(\b(' . wfUrlProtocols() . ')'.
-			'(?:[^\]\[<>"\x00-\x20\x7F]|\[\])+) *([^\]\\x00-\\x08\\x0a-\\x1F]*?)\]/S';
+			'[^][<>"\\x00-\\x20\\x7F]+) *([^\]\\x00-\\x08\\x0a-\\x1F]*?)\]/S';
 		if ( isset( $conf['preprocessorClass'] ) ) {
 			$this->mPreprocessorClass = $conf['preprocessorClass'];
 		} elseif ( extension_loaded( 'domxml' ) ) {
-- 
2.20.1