[ticket/security/243] Fail silently on unsupported values for font size

SECURITY-243
Marc Alexander 2019-08-31 18:13:24 +02:00
parent b4f9c44b30
commit cc8d6a5a01
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
2 changed files with 1 additions and 13 deletions


@ -140,7 +140,6 @@ $lang = array_merge($lang, array(
'IMAGES_ARE_OFF' => '[img] is <em>OFF</em>', 'IMAGES_ARE_OFF' => '[img] is <em>OFF</em>',
'IMAGES_ARE_ON' => '[img] is <em>ON</em>', 'IMAGES_ARE_ON' => '[img] is <em>ON</em>',
'INVALID_FILENAME' => '%s is an invalid filename.', 'INVALID_FILENAME' => '%s is an invalid filename.',
'INVALID_FONT_SIZE' => 'The font size you supplied is invalid: %s',
'LOAD' => 'Load', 'LOAD' => 'Load',
'LOAD_DRAFT' => 'Load draft', 'LOAD_DRAFT' => 'Load draft',


@ -228,10 +228,6 @@ class parser implements \phpbb\textformatter\parser_interface
{ {
$errors[] = array($msg); $errors[] = array($msg);
} }
else if ($msg === 'INVALID_FONT_SIZE')
{
$errors[] = [$msg, $context['invalid_size']];
}
} }
// Deduplicate error messages. array_unique() only works on strings so we have to serialize // Deduplicate error messages. array_unique() only works on strings so we have to serialize
@ -339,13 +335,6 @@ class parser implements \phpbb\textformatter\parser_interface
*/ */
static public function filter_font_size($size, $max_size, Logger $logger) static public function filter_font_size($size, $max_size, Logger $logger)
{ {
if (!is_numeric($size))
{
$logger->err('INVALID_FONT_SIZE', ['invalid_size' => htmlspecialchars($size)]);
return false;
}
if ($max_size && $size > $max_size) if ($max_size && $size > $max_size)
{ {
$logger->err('MAX_FONT_SIZE_EXCEEDED', array('max_size' => $max_size)); $logger->err('MAX_FONT_SIZE_EXCEEDED', array('max_size' => $max_size));
@ -353,7 +342,7 @@ class parser implements \phpbb\textformatter\parser_interface
return false; return false;
} }
if ($size < 1) if ($size < 1 || !is_numeric($size))
{ {
return false; return false;
} }
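Review bot: In `filter_font_size`, the `!is_numeric($size)` test now runs only after `$size > $max_size` and `$size < 1` have already compared the raw value, so a non-numeric string is still fed to numeric comparisons first. How PHP compares a non-numeric string with a number depends on the PHP version (PHP 8 changed these semantics), so such input may reach the `MAX_FONT_SIZE_EXCEEDED` logging branch instead of failing silently as the commit title intends. Putting the guard first, `if (!is_numeric($size)) { return false; }` ahead of the `$max_size` check, keeps the failure silent and makes both comparisons operate on numeric values only. The function body continues past the end of the hunk, so what is returned for accepted values is not visible here; `is_numeric()` also accepts floats and exponent notation, which is worth confirming against whatever consumes the size.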