Fix: Memory exhaustion issue in dol_htmlentitiesbr() #33066
Conversation
htdocs/core/lib/functions.lib.php
Outdated
| @@ -8723,6 +8723,9 @@ function dol_htmlentitiesbr($stringtoencode, $nl2brmode = 0, $pagecodefrom = 'UT | |||
| $newstring = strtr($newstring, array('&' => '__PROTECTand__', '<' => '__PROTECTlt__', '>' => '__PROTECTgt__', '"' => '__PROTECTdquot__')); | |||
| $newstring = dol_htmlentities($newstring, ENT_COMPAT, $pagecodefrom); // Make entity encoding | |||
| $newstring = strtr($newstring, array('__PROTECTand__' => '&', '__PROTECTlt__' => '<', '__PROTECTgt__' => '>', '__PROTECTdquot__' => '"')); | |||
| if (strlen($stringtoencode) > 1000000) {// limit, to avoid memory problem | |||
| return htmlentities(substr($stringtoencode, 0, 1000000)) . '...'; | |||
There was a problem hiding this comment.
Adding this will lead to security vulnerability because you truncate $stringtoencode instead of truncating the $newstring that has been sanitized.
Why not just doing
if (strlen($newstring) > 1000000) {// limit, to avoid memory problem
return substr($newstring, 0, 1000000) . '...';
}
There was a problem hiding this comment.
Thanks for your feedback, I made the changes you suggested!
eldy
added
the
Discussion
|
@GregoireIvars @defrance it's not a limitation of your server ? Maybe add a constant for this ? |
|
@eldy @GregoireIvars @defrance je ne comprend pas cette limitation ?! est-ce que qu'au fond ça ne dépend pas des limitation du serveur ? est-ce que ceci ne va pas limiter ceux qui ont la puissance de gérer ceci ? (je dis ça je dis rien !) ;-) |
Yes this looks strange. When there is a memory limit reached, there is a php fatal error, not an infinite delay with no answer. |
FIx: Memory exhaustion when comment in a ticket is too long #33065
Description :
When writing a message or comment in a ticket, if it turns out to be too long, a memory error occurs. I have implemented a fix for this case
This PR fixes a memory exhaustion issue in the dol_htmlentitiesbr() function.
@defrance