Page MenuHomePhabricator
Create Task
Maniphest T374293

FilterEvaluator->mungeRegexp() may unexpectedly remove backslashes in rules' regex patterns
Open, Needs TriagePublic
Actions

Description

This ticket is for an issue I discovered while working on T374170:

In T374170#10127410, @Od1n wrote:

I have just discovered another bug. Per regex101.com:

A repeated capturing group will only capture the last iteration. Put a capturing group around the repeated group to capture all iterations or use a non-capturing group instead if you're not interested in the data

Therefore, the (\\\\\\\\)* group (for 2 backslashes, but PHP-escaped + regex-escaped, totaling 8 backslashes to type) would match all pairs of backslashes (i.e. escaped backslashes) that precede the slash (escaped or not), which is what we want, BUT would capture and restitute only the last pair in the result.

The existing FilterEvaluator->mungeRegexp() is affected, and the one I'm adding in this PR.

Details

SubjectRepoBranchLines +/-
Fix unexpected removal of backslashes when more than one occurrence is foundmediawiki/extensions/AbuseFiltermaster+1 -1
Customize query in gerrit

Related Objects

Event Timeline

Od1n created this task.Sep 7 2024, 1:43 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 7 2024, 1:43 AM
gerritbot added a comment.Sep 7 2024, 1:52 AM

Change #1071284 had a related patch set uploaded (by Gerrit Patch Uploader; author: Anne Haunime):

[mediawiki/extensions/AbuseFilter@master] Fix unexpected removal of backslashes when more than one occurrence is found

https://gerrit.wikimedia.org/r/1071284

gerritbot added a project: Patch-For-Review.Sep 7 2024, 1:52 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits