From bf84fec3671ad37bb641310737eef6c21ef9596a Mon Sep 17 00:00:00 2001
From: Hayder Sharhan <hsharhan@ebay.com>
Date: Thu, 25 Feb 2016 12:03:53 -0600
Subject: [PATCH] MAGETWO-48819: [GitHub #3233] Arbitrary PHP code execution in
 M2.0.2

- Fixed regex of static test.
---
 .../static/framework/Magento/Sniffs/Files/LineLengthSniff.php | 4 ++--
 setup/src/Magento/Setup/Module/I18n/Dictionary/Phrase.php     | 4 +---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/dev/tests/static/framework/Magento/Sniffs/Files/LineLengthSniff.php b/dev/tests/static/framework/Magento/Sniffs/Files/LineLengthSniff.php
index c69f85ca875..336f28a21eb 100644
--- a/dev/tests/static/framework/Magento/Sniffs/Files/LineLengthSniff.php
+++ b/dev/tests/static/framework/Magento/Sniffs/Files/LineLengthSniff.php
@@ -22,8 +22,8 @@ class LineLengthSniff extends \Generic_Sniffs_Files_LineLengthSniff
      */
     protected function checkLineLength(\PHP_CodeSniffer_File $phpcsFile, $stackPtr, $lineContent)
     {
-        $previousLineRegexp = '~__\($|Phrase\($~';
-        $currentLineRegexp = '~__\(.+\)|Phrase\(.+\)~';
+        $previousLineRegexp = '~__\($|\bPhrase\($~';
+        $currentLineRegexp = '~__\(.+\)|\bPhrase\(.+\)~';
         $currentLineMatch = preg_match($currentLineRegexp, $lineContent) !== 0;
         $previousLineMatch = preg_match($previousLineRegexp, $this->previousLineContent) !== 0;
         $this->previousLineContent = $lineContent;
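Review bot: The added `\b` guards only the `Phrase\(` alternative of the two patterns in `checkLineLength`; the `__\(` alternative still matches any identifier that merely ends in `__(`, so such a line would also skip the length check. If the exemption is meant for translation calls only, the same guard fits there: `'~\b__\($|\bPhrase\($~'` and `'~\b__\(.+\)|\bPhrase\(.+\)~'`. The commit message does not say which false match prompted the change, so a one-line comment above the patterns would help, e.g. `// \b: exempt only a standalone Phrase( call, not a name that ends in "Phrase"`. The method body continues past the end of this hunk.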
diff --git a/setup/src/Magento/Setup/Module/I18n/Dictionary/Phrase.php b/setup/src/Magento/Setup/Module/I18n/Dictionary/Phrase.php
index 1c7347f2892..d914b63ffcd 100644
--- a/setup/src/Magento/Setup/Module/I18n/Dictionary/Phrase.php
+++ b/setup/src/Magento/Setup/Module/I18n/Dictionary/Phrase.php
@@ -259,12 +259,10 @@ class Phrase
     }
 
     /**
-     * Compile PHP string based on quotes type it enclosed with
+     * Compile PHP string (escaping unescaped quotes and processing concatenation)
      *
      * @param string $string
      * @return string
-     *
-     * @SuppressWarnings(PHPMD.EvalExpression)
      */
     private function getCompiledString($string)
     {
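Review bot: Dropping `@SuppressWarnings(PHPMD.EvalExpression)` from `getCompiledString` is only safe if the body no longer evaluates the phrase text, and this hunk stops at the opening brace, so that cannot be confirmed here. Presumably the `eval` was removed in an earlier commit for the same issue. Since the ticket is an arbitrary code execution report, the docblock should state the contract outright rather than only describing the mechanics, e.g. `* The input is treated strictly as data and is never evaluated as PHP.` A unit test that passes a phrase containing PHP expressions and asserts it comes back as literal text would keep the old behaviour from returning unnoticed.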
-- 
GitLab