* unit testing our internal implementation.
*
* @since 1.21
+ * @note In MediaWiki 1.21, this function did not provide proper UTF-8 validation.
+ * In particular, the pure PHP code path did not in fact check for overlong forms.
+ * Beware of this when backporting code to that version of MediaWiki.
*
* @param string $value String to check
* @param boolean $disableMbstring Whether to use the pure PHP
* @return boolean Whether the given $value is a valid UTF-8 encoded string
*/
static function isUtf8( $value, $disableMbstring = false ) {
+ $value = (string)$value;
- if ( preg_match( '/[\x80-\xff]/', $value ) === 0 ) {
- # no high bit set, this is pure ASCII which is de facto
- # valid UTF-8
+ // If the mbstring extension is loaded, use it. However, before PHP 5.4, values above
+ // U+10FFFF are incorrectly allowed, so we have to check for them separately.
+ if ( !$disableMbstring && function_exists( 'mb_check_encoding' ) ) {
+ static $newPHP;
+ if ( $newPHP === null ) {
+ $newPHP = !mb_check_encoding( "\xf4\x90\x80\x80", 'UTF-8' );
+ }
+
+ return mb_check_encoding( $value, 'UTF-8' ) &&
+ ( $newPHP || preg_match( "/\xf4[\x90-\xbf]|[\xf5-\xff]/S", $value ) === 0 );
+ }
+
+ if ( preg_match( "/[\x80-\xff]/S", $value ) === 0 ) {
+ // String contains only ASCII characters, has to be valid
return true;
}
- if ( !$disableMbstring && function_exists( 'mb_check_encoding' ) ) {
- return mb_check_encoding( $value, 'UTF-8' );
- } else {
- $hasUtf8 = preg_match( '/^(?>
- [\x00-\x7f]
- | [\xc0-\xdf][\x80-\xbf]
- | [\xe0-\xef][\x80-\xbf]{2}
- | [\xf0-\xf7][\x80-\xbf]{3}
- | [\xf8-\xfb][\x80-\xbf]{4}
- | \xfc[\x84-\xbf][\x80-\xbf]{4}
- )+$/x', $value );
- return ($hasUtf8 > 0 );
+ // PCRE implements repetition using recursion; to avoid a stack overflow (and segfault)
+ // for large input, we check for invalid sequences (<= 5 bytes) rather than valid
+ // sequences, which can be as long as the input string is. Multiple short regexes are
+ // used rather than a single long regex for performance.
+ static $regexes;
+ if ( $regexes === null ) {
+ $cont = "[\x80-\xbf]";
+ $after = "(?!$cont)"; // "(?:[^\x80-\xbf]|$)" would work here
+ $regexes = array(
+ // Continuation byte at the start
+ "/^$cont/",
+
+ // ASCII byte followed by a continuation byte
+ "/[\\x00-\x7f]$cont/S",
+
+ // Illegal byte
+ "/[\xc0\xc1\xf5-\xff]/S",
+
+ // Invalid 2-byte sequence, or valid one then an extra continuation byte
+ "/[\xc2-\xdf](?!$cont$after)/S",
+
+ // Invalid 3-byte sequence, or valid one then an extra continuation byte
+ "/\xe0(?![\xa0-\xbf]$cont$after)/",
+ "/[\xe1-\xec\xee\xef](?!$cont{2}$after)/S",
+ "/\xed(?![\x80-\x9f]$cont$after)/",
+
+ // Invalid 4-byte sequence, or valid one then an extra continuation byte
+ "/\xf0(?![\x90-\xbf]$cont{2}$after)/",
+ "/[\xf1-\xf3](?!$cont{3}$after)/S",
+ "/\xf4(?![\x80-\x8f]$cont{2}$after)/",
+ );
}
+
+ foreach ( $regexes as $regex ) {
+ if ( preg_match( $regex, $value ) !== 0 ) {
+ return false;
+ }
+ }
+ return true;
}
/**
/**
* More or less "markup-safe" explode()
* Ignores any instances of the separator inside <...>
- * @param $separator String
- * @param $text String
+ * @param string $separator
+ * @param string $text
* @return array
*/
static function explodeMarkup( $separator, $text ) {
// Explode, then put the replaced separators back in
$items = explode( $separator, $cleaned );
- foreach( $items as $i => $str ) {
+ foreach ( $items as $i => $str ) {
$items[$i] = str_replace( $placeholder, $separator, $str );
}
* Escape a string to make it suitable for inclusion in a preg_replace()
* replacement parameter.
*
- * @param $string String
- * @return String
+ * @param string $string
+ * @return string
*/
static function escapeRegexReplacement( $string ) {
$string = str_replace( '\\', '\\\\', $string );
/**
* Workalike for explode() with limited memory usage.
* Returns an Iterator
- * @param $separator
- * @param $subject
+ * @param string $separator
+ * @param string $subject
* @return ArrayIterator|ExplodeIterator
*/
static function explode( $separator, $subject ) {
var $r;
/**
- * @param $r string
+ * @param string $r
*/
function __construct( $r ) {
$this->r = $r;
}
/**
- * @param $matches array
+ * @param array $matches
* @return string
*/
function replace( $matches ) {
/**
* @param $from
* @param $to
- * @param $index int
+ * @param int $index
*/
function __construct( $from, $to, $index = 0 ) {
$this->from = $from;
}
/**
- * @param $matches array
+ * @param array $matches
* @return mixed
*/
function replace( $matches ) {
/**
* @param $table
- * @param $index int
+ * @param int $index
*/
function __construct( $table, $index = 0 ) {
$this->table = $table;
}
/**
- * @param $matches array
+ * @param array $matches
* @return mixed
*/
function replace( $matches ) {
/**
* Set the whole replacement array at once
+ * @param array $data
*/
function setArray( $data ) {
$this->data = $data;
/**
* Set an element of the replacement array
- * @param $from string
- * @param $to string
+ * @param string $from
+ * @param string $to
*/
function setPair( $from, $to ) {
$this->data[$from] = $to;
}
/**
- * @param $data array
+ * @param array $data
*/
function mergeArray( $data ) {
$this->data = array_merge( $this->data, $data );
}
/**
- * @param $other
+ * @param ReplacementArray $other
*/
function merge( $other ) {
$this->data = array_merge( $this->data, $other->data );
}
/**
- * @param $from string
+ * @param string $from
*/
function removePair( $from ) {
unset( $this->data[$from] );
}
/**
- * @param $data array
+ * @param array $data
*/
function removeArray( $data ) {
- foreach( $data as $from => $to ) {
+ foreach ( $data as $from => $to ) {
$this->removePair( $from );
}
$this->fss = false;
}
/**
- * @param $subject string
+ * @param string $subject
* @return string
*/
function replace( $subject ) {
/**
* Construct a DelimIterator
- * @param $delim string
- * @param $s string
+ * @param string $delim
+ * @param string $subject
*/
- function __construct( $delim, $s ) {
- $this->subject = $s;
+ function __construct( $delim, $subject ) {
+ $this->subject = $subject;
$this->delim = $delim;
// Micro-optimisation (theoretical)
- $this->subjectLength = strlen( $s );
+ $this->subjectLength = strlen( $subject );
$this->delimLength = strlen( $delim );
$this->rewind();
return $this->current;
}
+ /**
+ * @return int|bool Current position or boolean false if invalid
+ */
function key() {
return $this->curPos;
}
dépôts / lhc / web / wiklou.git / blobdiff