From: Mr. E23 <e23@users.mediawiki.org>
Date: Mon, 1 Dec 2003 00:28:25 +0000 (+0000)
Subject: Workaround to avoid regexp segfault in wfGeneralizeSQL()
X-Git-Tag: 1.1.0~40
X-Git-Url: http://git.cyclocoop.org/ecrire?a=commitdiff_plain;h=80c11c6b495e93fd270c33caea6882b08edf85e7;p=lhc%2Fweb%2Fwiklou.git

Workaround to avoid regexp segfault in wfGeneralizeSQL()
---

diff --git a/includes/DatabaseFunctions.php b/includes/DatabaseFunctions.php
index a0f572a75b..9a05c6211c 100644
--- a/includes/DatabaseFunctions.php
+++ b/includes/DatabaseFunctions.php
@@ -220,12 +220,23 @@ function wfInvertTimestamp( $ts ) {
 # Removes most variables from an SQL query and replaces them with X or N for numbers.
 # It's only slightly flawed. Don't use for anything important.
 function wfGeneralizeSQL( $sql )
-{
-	# This could be done faster with some arrays and a single preg_replace,
-	# but this show more clearly what's going on. Which may be a good thing.
-	$sql = preg_replace( "/'.*?[^\\\\]'/", "'X'", $sql );
-	$sql = preg_replace ( "/-?\d+/" , "N", $sql);
+{	
+	# This does the same as the regexp below would do, but in such a way
+	# as to avoid crashing php on some large strings.
+	# $sql = preg_replace ( "/'([^\\\\']|\\\\.)*'|\"([^\\\\\"]|\\\\.)*\"/", "'X'", $sql);
+
+	$sql = str_replace ( "\\\\", "", $sql);
+	$sql = str_replace ( "\\'", "", $sql);
+	$sql = str_replace ( "\\\"", "", $sql);
+	$sql = preg_replace ("/'.*'/s", "'X'", $sql);
+	$sql = preg_replace ('/".*"/s', "'X'", $sql);
+
+	# All newlines, tabs, etc replaced by single space
 	$sql = preg_replace ( "/\s+/", " ", $sql);
+
+	# All numbers => N	
+	$sql = preg_replace ('/-?[0-9]+/s', "N", $sql);
+
 	return $sql;
 }