Inspection of "web (forums): fix XSS vulnerability" - BOINC/boinc - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — dpa_bbcode4 ( 03914f )

by David

created 2025-03-12 07:37 UTC

Status

Spacing +23 added lines, -23 removed lines patch added patch discarded remove patch

@@ -26,13 +26,13 @@  discard block
 block discarded – undo
 require_once('../inc/sanitize_html.inc');
 
 class output_options {
-    var $bb2html;            // BBCode as HTML? (on)
-    var $images_as_links;    // Images as hyperlinks? (off)
-    var $link_popup;        // Links in new windows? (off)
-    var $nl2br;                // Convert newlines to <br>'s? (on)
-    var $htmlitems;            // Convert special chars to HTML entities? (on)
-    var $htmlscrub;            // Scrub "bad" HTML tags? (off)
-    var $highlight_terms;// Array of terms to be highlighted (off)
+    var $bb2html; // BBCode as HTML? (on)
+    var $images_as_links; // Images as hyperlinks? (off)
+    var $link_popup; // Links in new windows? (off)
+    var $nl2br; // Convert newlines to <br>'s? (on)
+    var $htmlitems; // Convert special chars to HTML entities? (on)
+    var $htmlscrub; // Scrub "bad" HTML tags? (off)
+    var $highlight_terms; // Array of terms to be highlighted (off)
 
     // Constructor - set the defaults.
 
@@ -68,7 +68,7 @@  discard block
 block discarded – undo
         $options = new output_options; // Defaults in the class definition
     }
     if ($options->htmlitems) {
-        $text = htmlspecialchars($text, ENT_COMPAT | ENT_HTML401 | ENT_SUBSTITUTE);
+        $text = htmlspecialchars($text, ENT_COMPAT|ENT_HTML401|ENT_SUBSTITUTE);
     }
     if (is_array($options->highlight_terms)) {
         $text = highlight_terms($text, $options->highlight_terms);
@@ -104,7 +104,7 @@  discard block
 block discarded – undo
 // If $export is true, don't use BOINC CSS
 
 function substr2($s, $n1, $n2) {
-    return substr($s, $n1, $n2-$n1);
+    return substr($s, $n1, $n2 - $n1);
 }
 
 // process non-nestable constructs: [pre] and [code]
@@ -180,7 +180,7 @@  discard block
 block discarded – undo
         // but not any hacker stuff like " alert(1)
     $httpsregex = "(?:\"?)https\:\/\/([^\[\"<\ ]+)(?:\"?)";
     // List of allowable tags
-    $bbtags = array (
+    $bbtags = array(
         "@\[b\](.*?)\[/b\]@is",
         "@\[i\](.*?)\[/i\]@is",
         "@\[u\](.*?)\[/u\]@is",
@@ -209,7 +209,7 @@  discard block
 block discarded – undo
 
     // What the above tags are turned in to
     if ($export) {
-        $htmltags = array (
+        $htmltags = array(
             "<b>\\1</b>",
             "<i>\\1</i>",
             "<u>\\1</u>",
@@ -236,7 +236,7 @@  discard block
 block discarded – undo
             "<a href=\"https://github.com/BOINC/boinc/wiki/\\1\">\\1</a>",
         );
     } else {
-        $htmltags = array (
+        $htmltags = array(
             "<b>\\1</b>",
             "<i>\\1</i>",
             "<u>\\1</u>",
@@ -268,7 +268,7 @@  discard block
 block discarded – undo
     $lasttext = "";
     $i = 0;
     // $i<1000 to prevent DoS
-    while ($text != $lasttext && $i<1000) {
+    while ($text != $lasttext && $i < 1000) {
         $lasttext = $text;
         $text = preg_replace($bbtags, $htmltags, $text);
         $i = $i + 1;
@@ -278,7 +278,7 @@  discard block
 block discarded – undo
     return $text;
 }
 
-function bb2html($text, $export=false) {
+function bb2html($text, $export = false) {
     $text = replace_pre_code($text, $export);
     return bb2html_aux($text, $export);
 }
@@ -287,7 +287,7 @@  discard block
 block discarded – undo
 // for example inside <pre> containers
 // The original \n was retained after the br when it was added
 //
-function remove_br($text){
+function remove_br($text) {
     return str_replace("<br />", "", $text);
 }
 
@@ -295,19 +295,19 @@  discard block
 block discarded – undo
 //
 function externalize_links($text) {
     // TODO:  Convert this to PCRE
-    $i=0;
-    $linkpos=true;
+    $i = 0;
+    $linkpos = true;
     $out = "";
-    while (true){
+    while (true) {
         // Find a link
         //
-        $linkpos=strpos($text, "<a ", $i);
-        if ($linkpos===false) break;
+        $linkpos = strpos($text, "<a ", $i);
+        if ($linkpos === false) break;
 
         // Replace with target='_new'
         //
-        $out .= substr($text, $i, $linkpos-$i)."<a target=\"_new\" ";
-        $i = $linkpos+3;
+        $out .= substr($text, $i, $linkpos - $i)."<a target=\"_new\" ";
+        $i = $linkpos + 3;
     }
     $out .= substr($text, $i);
     return $out;
@@ -315,7 +315,7 @@  discard block
 block discarded – undo
 
 // Converts image tags to links to the images.
 //
-function image_as_link($text){
+function image_as_link($text) {
     $pattern = '@<img([\S\s]+?)src=([^>]+?)>@si';
     $replacement = '<a href=${2}>[Image link]</a>';
     return preg_replace($pattern, $replacement, $text);

Please login to merge, or discard this patch.

		@@ -26,13 +26,13 @@ discard block
		block discarded – undo
26	26	require_once('../inc/sanitize_html.inc');
27	27
28	28	class output_options {
29		- var $bb2html; // BBCode as HTML? (on)
30		- var $images_as_links; // Images as hyperlinks? (off)
31		- var $link_popup; // Links in new windows? (off)
32		- var $nl2br; // Convert newlines to <br>'s? (on)
33		- var $htmlitems; // Convert special chars to HTML entities? (on)
34		- var $htmlscrub; // Scrub "bad" HTML tags? (off)
35		- var $highlight_terms;// Array of terms to be highlighted (off)
	29	+ var $bb2html; // BBCode as HTML? (on)
	30	+ var $images_as_links; // Images as hyperlinks? (off)
	31	+ var $link_popup; // Links in new windows? (off)
	32	+ var $nl2br; // Convert newlines to <br>'s? (on)
	33	+ var $htmlitems; // Convert special chars to HTML entities? (on)
	34	+ var $htmlscrub; // Scrub "bad" HTML tags? (off)
	35	+ var $highlight_terms; // Array of terms to be highlighted (off)
36	36
37	37	// Constructor - set the defaults.
38	38
		@@ -68,7 +68,7 @@ discard block
		block discarded – undo
68	68	$options = new output_options; // Defaults in the class definition
69	69	}
70	70	if ($options->htmlitems) {
71		- $text = htmlspecialchars($text, ENT_COMPAT \| ENT_HTML401 \| ENT_SUBSTITUTE);
	71	+ $text = htmlspecialchars($text, ENT_COMPAT\|ENT_HTML401\|ENT_SUBSTITUTE);
72	72	}
73	73	if (is_array($options->highlight_terms)) {
74	74	$text = highlight_terms($text, $options->highlight_terms);
		@@ -104,7 +104,7 @@ discard block
		block discarded – undo
104	104	// If $export is true, don't use BOINC CSS
105	105
106	106	function substr2($s, $n1, $n2) {
107		- return substr($s, $n1, $n2-$n1);
	107	+ return substr($s, $n1, $n2 - $n1);
108	108	}
109	109
110	110	// process non-nestable constructs: [pre] and [code]
		@@ -180,7 +180,7 @@ discard block
		block discarded – undo
180	180	// but not any hacker stuff like " alert(1)
181	181	$httpsregex = "(?:\"?)https\:\/\/([^\[\"<\ ]+)(?:\"?)";
182	182	// List of allowable tags
183		- $bbtags = array (
	183	+ $bbtags = array(
184	184	"@\[b\](.*?)\[/b\]@is",
185	185	"@\[i\](.*?)\[/i\]@is",
186	186	"@\[u\](.*?)\[/u\]@is",
		@@ -209,7 +209,7 @@ discard block
		block discarded – undo
209	209
210	210	// What the above tags are turned in to
211	211	if ($export) {
212		- $htmltags = array (
	212	+ $htmltags = array(
213	213	"<b>\\1</b>",
214	214	"<i>\\1</i>",
215	215	"<u>\\1</u>",
		@@ -236,7 +236,7 @@ discard block
		block discarded – undo
236	236	"<a href=\"https://github.com/BOINC/boinc/wiki/\\1\">\\1</a>",
237	237	);
238	238	} else {
239		- $htmltags = array (
	239	+ $htmltags = array(
240	240	"<b>\\1</b>",
241	241	"<i>\\1</i>",
242	242	"<u>\\1</u>",
		@@ -268,7 +268,7 @@ discard block
		block discarded – undo
268	268	$lasttext = "";
269	269	$i = 0;
270	270	// $i<1000 to prevent DoS
271		- while ($text != $lasttext && $i<1000) {
	271	+ while ($text != $lasttext && $i < 1000) {
272	272	$lasttext = $text;
273	273	$text = preg_replace($bbtags, $htmltags, $text);
274	274	$i = $i + 1;
		@@ -278,7 +278,7 @@ discard block
		block discarded – undo
278	278	return $text;
279	279	}
280	280
281		-function bb2html($text, $export=false) {
	281	+function bb2html($text, $export = false) {
282	282	$text = replace_pre_code($text, $export);
283	283	return bb2html_aux($text, $export);
284	284	}
		@@ -287,7 +287,7 @@ discard block
		block discarded – undo
287	287	// for example inside <pre> containers
288	288	// The original \n was retained after the br when it was added
289	289	//
290		-function remove_br($text){
	290	+function remove_br($text) {
291	291	return str_replace("<br />", "", $text);
292	292	}
293	293
		@@ -295,19 +295,19 @@ discard block
		block discarded – undo
295	295	//
296	296	function externalize_links($text) {
297	297	// TODO: Convert this to PCRE
298		- $i=0;
299		- $linkpos=true;
	298	+ $i = 0;
	299	+ $linkpos = true;
300	300	$out = "";
301		- while (true){
	301	+ while (true) {
302	302	// Find a link
303	303	//
304		- $linkpos=strpos($text, "<a ", $i);
305		- if ($linkpos===false) break;
	304	+ $linkpos = strpos($text, "<a ", $i);
	305	+ if ($linkpos === false) break;
306	306
307	307	// Replace with target='_new'
308	308	//
309		- $out .= substr($text, $i, $linkpos-$i)."<a target=\"_new\" ";
310		- $i = $linkpos+3;
	309	+ $out .= substr($text, $i, $linkpos - $i)."<a target=\"_new\" ";
	310	+ $i = $linkpos + 3;
311	311	}
312	312	$out .= substr($text, $i);
313	313	return $out;
		@@ -315,7 +315,7 @@ discard block
		block discarded – undo
315	315
316	316	// Converts image tags to links to the images.
317	317	//
318		-function image_as_link($text){
	318	+function image_as_link($text) {
319	319	$pattern = '@<img([\S\s]+?)src=([^>]+?)>@si';
320	320	$replacement = '<a href=${2}>[Image link]</a>';
321	321	return preg_replace($pattern, $replacement, $text);

BOINC / boinc

Push — dpa_bbcode4 ( 03914f )

Status

Category

Spacing +23 added lines, -23 removed lines patch added patch discarded remove patch