smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-05 02:44:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v2.6.28'

Browse Source
This commit is contained in:
Uwe Tews
2014-10-31 01:07:20 +01:00
parent 9a36601dad a4ff415bfa
commit 0ecdd6c41d
2 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@@ -1,3 +1,12 @@
2013-09-30
* Fixed old vulnerability bug https://bugs.gentoo.org/show_bug.cgi?id=356615
2013-07-16 Uwe Tews
* Fixed made Smarty_Compiler.class.php compatible with PHP 5.5
2012-09-24 Uwe Tews 2012-09-24 Uwe Tews
* Fixed escape Smarty error messages to avoid possible script execution * Fixed escape Smarty error messages to avoid possible script execution

8
libs/Smarty_Compiler.class.php
View File

@@ -262,11 +262,11 @@ class Smarty_Compiler extends Smarty {
reset($this->_folded_blocks); reset($this->_folded_blocks);
/* replace special blocks by "{php}" */ /* replace special blocks by "{php}" */
$source_content = preg_replace($search.'e', "'" $source_content = preg_replace_callback($search, create_function ('$matches', "return '"
. $this->_quote_replace($this->left_delimiter) . 'php' . $this->_quote_replace($this->left_delimiter) . 'php'
. "' . str_repeat(\"\n\", substr_count('\\0', \"\n\")) .'" . "' . str_repeat(\"\n\", substr_count('\$matches[1]', \"\n\")) .'"
. $this->_quote_replace($this->right_delimiter) . $this->_quote_replace($this->right_delimiter)
. "'" . "';")
, $source_content); , $source_content);
/* Gather all template tags. */ /* Gather all template tags. */
@@ -2122,7 +2122,7 @@ class Smarty_Compiler extends Smarty {
return null; return null;
case 'template': case 'template':
$compiled_ref = "'$this->_current_file'"; $compiled_ref = "'" . addslashes($this->_current_file) . "'";
$_max_index = 1; $_max_index = 1;
break; break;