From 44a52e4157eb3a8c529204d6799ae7e0909d4de0 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Tue, 24 May 2022 14:32:18 +0200 Subject: [PATCH] Fix backtracking in name validation regex --- res/composer-schema.json | 2 +- src/Composer/Package/Loader/ValidatingArrayLoader.php | 2 +- tests/Composer/Test/Json/ComposerSchemaTest.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/res/composer-schema.json b/res/composer-schema.json index 166a80820..e4e460b89 100644 --- a/res/composer-schema.json +++ b/res/composer-schema.json @@ -6,7 +6,7 @@ "name": { "type": "string", "description": "Package name, including 'vendor-name/' prefix.", - "pattern": "^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]?|-{0,2})[a-z0-9]+)*$" + "pattern": "^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$" }, "description": { "type": "string", diff --git a/src/Composer/Package/Loader/ValidatingArrayLoader.php b/src/Composer/Package/Loader/ValidatingArrayLoader.php index 7fb2c3b79..f05ba512f 100644 --- a/src/Composer/Package/Loader/ValidatingArrayLoader.php +++ b/src/Composer/Package/Loader/ValidatingArrayLoader.php @@ -456,7 +456,7 @@ class ValidatingArrayLoader implements LoaderInterface return null; } - if (!Preg::isMatch('{^[a-z0-9](?:[_.-]?[a-z0-9]+)*/[a-z0-9](?:(?:[_.]?|-{0,2})[a-z0-9]+)*$}iD', $name)) { + if (!Preg::isMatch('{^[a-z0-9](?:[_.-]?[a-z0-9]++)*+/[a-z0-9](?:(?:[_.]|-{1,2})?[a-z0-9]++)*+$}iD', $name)) { return $name.' is invalid, it should have a vendor name, a forward slash, and a package name. The vendor and package name can be words separated by -, . or _. The complete name should match "^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]?|-{0,2})[a-z0-9]+)*$".'; } diff --git a/tests/Composer/Test/Json/ComposerSchemaTest.php b/tests/Composer/Test/Json/ComposerSchemaTest.php index e45da5df3..8c252a046 100644 --- a/tests/Composer/Test/Json/ComposerSchemaTest.php +++ b/tests/Composer/Test/Json/ComposerSchemaTest.php @@ -25,9 +25,9 @@ class ComposerSchemaTest extends TestCase $expectedError = array( array( 'property' => 'name', - 'message' => 'Does not match the regex pattern ^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]?|-{0,2})[a-z0-9]+)*$', + 'message' => 'Does not match the regex pattern ^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$', 'constraint' => 'pattern', - 'pattern' => '^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9](([_.]?|-{0,2})[a-z0-9]+)*$', + 'pattern' => '^[a-z0-9]([_.-]?[a-z0-9]++)*+/[a-z0-9](([_.]|-{1,2})?[a-z0-9]++)*+$', ), );