From abf692eaf7b283425a8ef2cd0d9e7bc65a5d5cc6 Mon Sep 17 00:00:00 2001
From: "Uwe.Tews"
Date: Sat, 17 Apr 2010 10:19:47 +0000
Subject: [PATCH] - fixed security hole in {math} plugin

---
 ChangeLog                      | 4 ++++
 libs/plugins/function.math.php | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6a078fcb..941d83ec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2010-04-17 Uwe Tews
+
+    * Fixed security hole in {math} plugin
+
 2007-09-27 TAKAGI Masahiro
 
     * docs/ja/designers/language-custom-functions/language-function-html-checkboxes.xml:
diff --git a/libs/plugins/function.math.php b/libs/plugins/function.math.php
index bb78dac2..6575e060 100644
--- a/libs/plugins/function.math.php
+++ b/libs/plugins/function.math.php
@@ -37,7 +37,7 @@ function smarty_function_math($params, &$smarty)
     }
 
     // match all vars in equation, make sure all are passed
-    preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]+)!",$equation, $match);
+    preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]*)!",$equation, $match);
 
     $allowed_funcs = array('int','abs','ceil','cos','exp','floor','log','log10',
                            'max','min','pi','pow','rand','round','sin','sqrt','srand','tan');
@@ -82,4 +82,4 @@ function smarty_function_math($params, &$smarty)
 
 /* vim: set expandtab: */
 
-?>
+?>
\ No newline at end of file
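Review bot: The fix on the `preg_match_all` line closes the gap for one-character identifiers, but the validation is still a deny-list built from a regex that is only as complete as the identifier pattern itself, and this hunk shows no check that the rest of `$equation` is limited to numeric/operator characters. Presumably the equation is later handed to `eval()` (that part of the function is outside the hunk), in which case any character class the identifier regex does not cover — `$`, backticks, quotes, `{`, `\` — reaches the interpreter unexamined, and the next regex gap becomes the next security hole. A positive allow-list over the whole string, rejecting anything outside identifiers, digits, whitespace, `+ - * / % ^ ( ) . ,`, is cheaper to reason about: `if (preg_match('![^\w\s\+\-\*/%^().,]!', $equation)) { /* reject via the plugin's existing error path */ return; }` placed before the identifier scan. The identifier whitelist check against `$allowed_funcs` should then be kept as the second layer, not replaced. `smarty_function_math` begins before this hunk and continues past it, so the exact error-reporting call to reuse is not visible here.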