1
0
Fork 0

Escape % chars in user input before passing to sprintf, fixes #11359

pull/11920/head
Jordi Boggiano 2023-03-15 22:53:29 +01:00
parent 8beb64d82c
commit b4c1be6cb6
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
1 changed files with 1 additions and 0 deletions

View File

@ -126,6 +126,7 @@ class Problem
foreach ($rules as $rule) { foreach ($rules as $rule) {
$message = $rule->getPrettyString($repositorySet, $request, $pool, $isVerbose, $installedMap, $learnedPool); $message = $rule->getPrettyString($repositorySet, $request, $pool, $isVerbose, $installedMap, $learnedPool);
if (in_array($rule->getReason(), $deduplicatableRuleTypes, true) && Preg::isMatch('{^(?P<package>\S+) (?P<version>\S+) (?P<type>requires|conflicts)}', $message, $m)) { if (in_array($rule->getReason(), $deduplicatableRuleTypes, true) && Preg::isMatch('{^(?P<package>\S+) (?P<version>\S+) (?P<type>requires|conflicts)}', $message, $m)) {
$message = str_replace('%', '%%', $message);
$template = Preg::replace('{^\S+ \S+ }', '%s%s ', $message); $template = Preg::replace('{^\S+ \S+ }', '%s%s ', $message);
$messages[] = $template; $messages[] = $template;
$templates[$template][$m[1]][$parser->normalize($m[2])] = $m[2]; $templates[$template][$m[1]][$parser->normalize($m[2])] = $m[2];