Prevent crashes due to regexp compilation errors

Page titles are now properly escaped using preg_quote() to prevent regexp compilation errors if the title contains characters with special meanings in regular expressions.
2025-07-13 01:39:30 +02:00 · 2013-08-09 17:34:01 +02:00
parent 3bf0ddfe17
commit 9d414d0e5e
4 changed files with 12 additions and 5 deletions
--- a/LinkTitles.body.php
+++ b/LinkTitles.body.php
@ -184,15 +184,19 @@
 					// see http://stackoverflow.com/questions/10672286
 					$arr = preg_split( $delimiter, $text, -1, PREG_SPLIT_DELIM_CAPTURE );

+					// Escape certain special characters in the page title to prevent
+					// regexp compilation errors
+					$escapedTitle = preg_quote(LinkTitles::$safeTitle, '/');
+
 					// Depending on the global configuration setting $wgCapitalLinks,
 					// the title has to be searched for either in a strictly case-sensitive
 					// way, or in a 'fuzzy' way where the first letter of the title may
 					// be either case.
 					if ( $wgCapitalLinks ) {
-						$searchTerm = '((?i)' . LinkTitles::$safeTitle[0] . '(?-i)' . 
-							substr(LinkTitles::$safeTitle, 1) . ')';
+						$searchTerm = '((?i)' . $escapedTitle[0] . '(?-i)' . 
+							substr($escapedTitle, 1) . ')';
 					}	else {
-						$searchTerm = '(' . LinkTitles::$safeTitle . ')';
+						$searchTerm = '(' . $escapedTitle . ')';
 					}

 					for ( $i = 0; $i < count( $arr ); $i+=2 ) {
@ -218,7 +222,7 @@
 						for ( $i = 0; $i < count( $arr ); $i+=2 ) {
 							// even indexes will point to text that is not enclosed by brackets
 							$arr[$i] = preg_replace_callback( '/(?<![\:\.\@\/\?\&])' .
-								$wordStartDelim . '(' . LinkTitles::$safeTitle . ')' . 
+								$wordStartDelim . '(' . $escapedTitle . ')' . 
 								$wordEndDelim . '/i', $callBack, $arr[$i], $limit, $count );
 							if (( $limit >= 0 ) && ( $count > 0  )) {
 								break; 
--- a/LinkTitles.php
+++ b/LinkTitles.php
@ -49,7 +49,7 @@
    'name'           => 'LinkTitles',
    'author'         => '[https://www.mediawiki.org/wiki/User:Bovender Daniel Kraus]', 
    'url'            => 'https://www.mediawiki.org/wiki/Extension:LinkTitles',
-    'version'        => '2.2.1',
+    'version'        => '2.2.2',
    'descriptionmsg' => 'linktitles-desc'
    );

--- a/3
+++ b/3
@ -1,3 +1,6 @@
+LinkTitles 2.2.2: 2013-08-09
+* Prevent crashes due to special characters in page titles.
+
 LinkTitles 2.2.1: 2013-07-22
 * Make the extension work with sqlite databases.

--- a/release/LinkTitles-2.2.2.tar.gz
+++ b/release/LinkTitles-2.2.2.tar.gz