Bugfix/rand without param v3 (#796)

* Fixed use of `rand()` without a parameter in math function (for v3.1)
Fixes #794

* Add change in regex for PCRE (PHP < 7.3)

* Add unit tests and correctly set PHP supported versions

* Drop PHP5.2 from CI workflows because it cannot be built anymore

* Fix CI workflow for PHP7.2 and up

* re-add compose packages cache with specific key

* Exclude unit test files from git export

* prevent double CI workflows in PRs
This commit is contained in:
Simon Wisselink
2022-09-12 16:03:27 +02:00
committed by GitHub
parent b3ade90dec
commit 25051e6e88
18 changed files with 259 additions and 3 deletions

.gitattributes vendored

@@ -8,7 +8,9 @@
# exclude from git export
/tests export-ignore
/utilities/ export-ignore
/docker-compose.yml export-ignore
/.github export-ignore
/run_tests_for_all_php_versions.sh export-ignore
/.gitattributes export-ignore
/.gitignore export-ignore
/.travis.yml export-ignore

.github/workflows/ci.yml vendored Normal file

@@ -0,0 +1,73 @@
# https://help.github.com/en/categories/automating-your-workflow-with-github-actions
on:
pull_request:
push:
branches:
- 'support/3.1'
name: CI
jobs:
tests:
name: Tests
runs-on: ${{ matrix.os }}
env:
PHP_EXTENSIONS: dom, json, libxml, mbstring, pdo_sqlite, soap, xml, xmlwriter
PHP_INI_VALUES: assert.exception=1, zend.assertions=1
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
php-version:
- "5.3"
- "5.4"
- "5.5"
- "5.6"
- "7.1"
- "7.2"
- "7.3"
- "7.4"
compiler:
- default
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Override PHP ini values for JIT compiler
if: matrix.compiler == 'jit'
run: echo "PHP_INI_VALUES::assert.exception=1, zend.assertions=1, opcache.enable=1, opcache.enable_cli=1, opcache.optimization_level=-1, opcache.jit=1255, opcache.jit_buffer_size=32M" >> $GITHUB_ENV
- name: Install PHP with extensions
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-version }}
coverage: pcov
extensions: ${{ env.PHP_EXTENSIONS }}
ini-values: ${{ env.PHP_INI_VALUES }}
- name: Validate composer.json and composer.lock
run: composer validate
- name: Cache Composer packages
id: composer-cache
uses: actions/cache@v2
with:
path: vendor
key: Smartyv3-${{ runner.os }}-php-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
restore-keys: |
Smartyv3-${{ runner.os }}-php-${{ matrix.php-version }}-
- name: Install dependencies
if: steps.composer-cache.outputs.cache-hit != 'true'
run: composer install --prefer-dist --no-progress --no-suggest
- name: Run tests with phpunit
run: ./phpunit.sh
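Review bot: The "Override PHP ini values for JIT compiler" step can never run, because the only value under `compiler:` is `default`, and if it did run its `echo` would not override anything: `$GITHUB_ENV` takes `NAME=value` lines, so `PHP_INI_VALUES::assert.exception=1, ...` would presumably define a variable named `PHP_INI_VALUES::assert.exception` rather than replacing `PHP_INI_VALUES`. Either drop the step or change it to `run: echo "PHP_INI_VALUES=assert.exception=1, zend.assertions=1, opcache.enable=1, opcache.enable_cli=1, opcache.optimization_level=-1, opcache.jit=1255, opcache.jit_buffer_size=32M" >> $GITHUB_ENV` and add `jit` to the `compiler` matrix if that configuration is meant to be tested. Separately, `actions/checkout@v2`, `actions/cache@v2` and `shivammathur/setup-php@v2` are mutable tags; pinning each `uses:` to a full commit SHA (keeping the tag in a trailing comment) is the usual hardening for a workflow that downloads and executes third-party code. `--no-suggest` is a no-op on Composer 2 and can be removed from the install step.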


@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
### Fixes
- Fixed use of `rand()` without a parameter in math function [#794](https://github.com/smarty-php/smarty/issues/794)
## [3.1.46] - 2022-08-01
### Fixed


@@ -27,7 +27,7 @@
"forum": "http://www.smarty.net/forums/"
},
"require": {
"php": ">=5.2"
"php": "^5.2 || ^7.0"
},
"autoload": {
"classmap": [
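Review bot: The new constraint `"^5.2 || ^7.0"` still advertises PHP 5.2 while this same commit removes 5.2 from the GitHub matrix (the `php-version` list now starts at 5.3) and the docker runner script only starts at 5.4, so the lowest version the constraint admits is no longer exercised by any test path. If 5.2 support is deliberately retained for the 3.1 branch, a short comment in the CI workflow or the CHANGELOG entry stating that 5.2 and 5.3 are supported but untested would keep the constraint honest; otherwise tighten it to `"^5.3 || ^7.0"` so the declared and the tested ranges agree.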

docker-compose.yml Normal file

@@ -0,0 +1,51 @@
version: "2"
services:
base:
build:
context: .
dockerfile: ./utilities/testrunners/php54/Dockerfile
volumes:
- .:/app
working_dir: /app
entrypoint: sh ./utilities/testrunners/run-test.sh
php54:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php54/Dockerfile
php55:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php55/Dockerfile
php56:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php56/Dockerfile
php70:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php70/Dockerfile
php71:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php71/Dockerfile
php72:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php72/Dockerfile
php73:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php73/Dockerfile
php74:
extends:
service: base
build:
dockerfile: ./utilities/testrunners/php74/Dockerfile


@@ -70,7 +70,7 @@ function smarty_function_math($params, $template)
$number = '(?:\d+(?:[,.]\d+)?|pi|π)'; // What is a number
$functionsOrVars = '((?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*))';
$operators = '[,+\/*\^%-]'; // Allowed math operators
$regexp = '/^(('.$number.'|'.$functionsOrVars.'|('.$functionsOrVars.'\s*\((?1)+\)|\((?1)+\)))(?:'.$operators.'(?1))?)+$/';
$regexp = '/^(('.$number.'|'.$functionsOrVars.'|('.$functionsOrVars.'\s*\((?1)*\)|\((?1)*\)))(?:'.$operators.'(?1))?)+$/';
if (!preg_match($regexp, $equation)) {
trigger_error("math: illegal characters", E_USER_WARNING);
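Review bot: Relaxing `(?1)+` to `(?1)*` admits an empty argument list for every identifier matched by `$functionsOrVars`, and also a bare `()` group, not only `rand()`; whether that is harmless depends on the function-name check that presumably runs after `preg_match` and before the equation is evaluated, which is outside this hunk, so confirm that check rejects any empty-call name that is not on the allow-list rather than relying on this grammar. If bare `()` groups are not needed, a narrower change keeps the group alternative as it was: `'|('.$functionsOrVars.'\s*\((?1)*\)|\((?1)+\)))'`. The new `$regexp` line also deserves a why-comment, e.g. `// (?1)* rather than (?1)+ so argument-less calls such as rand() pass the grammar check (#794)`, since the `*` looks like a typo next to the surrounding `+`. Note that with nested quantifiers on a recursive pattern a long input can hit PCRE's backtrack limit, in which case `preg_match` returns `false` and `!preg_match` still rejects the equation, so the check fails closed; that is worth a comment too. `smarty_function_math` begins and ends outside this hunk.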


@@ -0,0 +1,11 @@
# Runs tests for all supported PHP versions >= PHP 5.4.
# Cannot get 5.2 and 5.3 to run in docker anymore
docker-compose run php54 && \
docker-compose run php55 && \
docker-compose run php56 && \
docker-compose run php70 && \
docker-compose run php71 && \
docker-compose run php72 && \
docker-compose run php73 && \
docker-compose run php74


@@ -162,4 +162,12 @@ class MathTest extends PHPUnit_Smarty
$this->assertEquals($expected, $this->smarty->fetch($tpl));
}
public function testRand()
{
$tpl = $this->smarty->createTemplate('eval:{$x = "0"}{math equation="x * rand()" x=$x}');
// this assertion may seem silly, but it serves to prove that using rand() without a parameter
// will not trigger a security error (see https://github.com/smarty-php/smarty/issues/794)
$this->assertEquals("0", $this->smarty->fetch($tpl));
}
}
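Review bot: `testRand` only proves that `x * rand()` passes the grammar check; since the regex change also admits `name()` for any identifier, a companion negative test is needed to show the relaxation did not widen what the plugin will evaluate, e.g. a `testRandOnlyAllowedFunctionsWithEmptyArgs` that renders `{math equation="x * foo()" x=$x}` inside `$this->expectException(...)` (or whatever the surrounding tests use for a `E_USER_WARNING` from the math plugin) and asserts it is rejected. The comment on the assertion could also say which warning the template would trigger before the fix (`math: illegal characters`) so a future reader can reproduce the regression without the issue link. The rest of `MathTest` is outside this hunk.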


@@ -0,0 +1,13 @@
FROM php:5.4-cli
## Upgrade CA certificates
RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
## Basic utilities
RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer
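Review bot: The `RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp ... && update-ca-certificates` line bootstraps the container's trust store from a download whose server certificate is explicitly not verified (`-k`), so anything on the network path can install its own CA into every later TLS check in the image, including the composer installer fetched below; the same line appears in the php55 and php56 Dockerfiles that follow. Prefer copying a vetted bundle from the build context the way `install-composer.sh` already is, e.g. `COPY ./utilities/testrunners/shared/<cacert.pem> /usr/local/share/ca-certificates/cacert.crt` (path is a placeholder), or keep the download but verify it against a pinned digest before installing: `echo "<EXPECTED_SHA256>  cacert.crt" | sha256sum -c -`. `apt-get install --force-yes` is also deprecated and can suppress package authentication failures; `-y` as used in the php7x Dockerfiles is sufficient here, and if an unauthenticated repository is the reason for it, that deserves a comment.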


@@ -0,0 +1,13 @@
FROM php:5.5-cli
## Upgrade CA certificates
RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
## Basic utilities
RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,13 @@
FROM php:5.6-cli
## Upgrade CA certificates
RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
## Basic utilities
RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,10 @@
FROM php:7.0-cli
## Basic utilities
RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,10 @@
FROM php:7.1-cli
## Basic utilities
RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,10 @@
FROM php:7.2-cli
## Basic utilities
RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,10 @@
FROM php:7.3-cli
## Basic utilities
RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,10 @@
FROM php:7.4-cli
## Basic utilities
RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
## Composer
COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
WORKDIR /root
RUN sh ./install-composer.sh
RUN mv ./composer.phar /usr/local/bin/composer


@@ -0,0 +1,2 @@
#!/bin/sh
composer update && php ./vendor/phpunit/phpunit/phpunit -c phpunit.xml tests
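Review bot: `composer update` resolves dependencies afresh and rewrites composer.lock, and because docker-compose mounts the checkout at `/app` (`.:/app`) that presumably lands in the developer's working tree on every run, while the GitHub workflow tests the committed, validated lock with `composer install --prefer-dist`; the two test paths can therefore run against different dependency sets. Prefer `composer install --no-interaction` here, and if the committed lock cannot be satisfied on the older PHP images, add a comment above the line stating that as the reason `update` is used.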


@@ -0,0 +1,17 @@
#!/bin/sh
EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
then
>&2 echo 'ERROR: Invalid installer checksum'
rm composer-setup.php
exit 1
fi
php composer-setup.php --quiet
RESULT=$?
rm composer-setup.php
exit $RESULT
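Review bot: On the php54 and php55 runners that copy this script in, the two `copy('https://...')` calls run under PHP < 5.6, where the stream wrappers did not verify the peer certificate by default, so both the expected signature and the installer arrive over unauthenticated TLS and the `hash_file` comparison only shows that the two downloads agree, not that either came from the real host. Pass an explicit context so verification is enforced regardless of PHP version, e.g. `php -r "copy('https://getcomposer.org/installer', 'composer-setup.php', stream_context_create(array('ssl' => array('verify_peer' => true, 'cafile' => '/etc/ssl/certs/ca-certificates.crt'))));"` and the same for the `installer.sig` fetch, or pin the installer digest in the script (`EXPECTED_CHECKSUM="<pinned-sha384>"`) instead of fetching it at run time. The failure paths already close safely (an empty or missing file yields a mismatch and `exit 1`), which is worth a one-line comment above the `if` so nobody "fixes" it.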