Page MenuHomePhabricator
Differential D8516

Use "\z" instead of "$" to anchor validating regular expressions
ClosedPublic
Actions

Authored by epriestley on Mar 13 2014, 2:18 PM.
Tags
None
Referenced Files
F18820680: D8516.diff
Wed, Oct 22, 4:33 PM
F18783540: D8516.id20207.diff
Mon, Oct 13, 7:48 AM
F18772383: D8516.id20206.diff
Thu, Oct 9, 2:12 AM
F18758613: D8516.id20210.diff
Sun, Oct 5, 10:56 PM
F18751564: D8516.id.diff
Sat, Oct 4, 11:41 AM
F18741575: D8516.id20205.diff
Thu, Oct 2, 2:40 PM
F18737425: D8516.id.diff
Wed, Oct 1, 10:38 AM
F18725626: D8516.diff
Tue, Sep 30, 5:43 AM
View All Files
Subscribers
aran
epriestley

Details

Reviewers
btrahan
Commits
Restricted Diffusion Commit
rP969d0c3e8de2: Use "\z" instead of "$" to anchor validating regular expressions
Summary

Via HackerOne. In regular expressions, "$" matches "end of input, or before terminating newline". This means that the expression /^A$/ matches two strings: "A", and "A\n".

When we care about this, use \z instead, which matches "end of input" only.

This allowed registration of "username\n" and similar.

Test Plan
  • Grepped codebase for all calls to preg_match() / preg_match_all().
  • Fixed the ones where this seemed like it could have an impact.
  • Added and executed unit tests.

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley updated this revision to Diff 20205.Mar 13 2014, 2:18 PM
epriestley retitled this revision from to Use "\z" instead of "$" to anchor validating regular expressions.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
Herald added subscribers: epriestley, aran.Mar 13 2014, 2:18 PM
epriestley updated this revision to Diff 20206.Mar 13 2014, 2:23 PM
  • Remove test code.
epriestley updated this revision to Diff 20207.Mar 13 2014, 2:24 PM

Remove more test code.

btrahan accepted this revision.Mar 13 2014, 5:38 PM
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 13 2014, 5:38 PM
epriestley closed this revision.Mar 13 2014, 7:43 PM
epriestley updated this revision to Diff 20210.

Closed by commit rP969d0c3e8de2 (authored by @epriestley).

epriestley mentioned this in D19251: Add a basic Remarkup document rendering engine.Mar 23 2018, 11:38 AM

Revision Contents
Changeset List

Diff 20210

View Options

src/applications/auth/provider/PhabricatorAuthProviderOAuth1JIRA.php

Loading...
View Options

src/applications/diffusion/conduit/ConduitAPI_diffusion_getcommits_Method.php

Loading...
View Options

src/applications/diffusion/controller/DiffusionRepositoryCreateController.php

Loading...
View Options

src/applications/diffusion/ssh/DiffusionSSHSubversionServeWorkflow.php

Loading...
View Options

src/applications/diffusion/ssh/DiffusionSSHWorkflow.php

Loading...
View Options

src/applications/diviner/atom/DivinerAtomRef.php

Loading...
View Options

src/applications/diviner/workflow/DivinerWorkflow.php

Loading...
View Options

src/applications/files/engine/PhabricatorLocalDiskFileStorageEngine.php

Loading...
View Options

src/applications/macro/controller/PhabricatorMacroEditController.php

Loading...
View Options

src/applications/people/storage/PhabricatorUser.php

Loading...
View Options

src/applications/people/storage/PhabricatorUserEmail.php

Loading...
View Options

src/applications/people/storage/__tests__/PhabricatorUserEmailTestCase.php

Loading...
View Options

src/applications/people/storage/__tests__/PhabricatorUserTestCase.php

Loading...
View Options

src/applications/phlux/controller/PhluxEditController.php

Loading...
View Options

src/applications/repository/conduit/ConduitAPI_repository_create_Method.php

Loading...
Phabricator · Built by Phacility