From d272137c4f764f8a21f02f56c4dba0ad315ec4aa Mon Sep 17 00:00:00 2001 From: David Cook Date: Mon, 4 Mar 2019 17:43:29 +1100 Subject: [PATCH] Bug 22429: Infinite loop in patron card printing Text fields in Patron Card Text Layouts can contain regular expression metacharacters, which - instead of being treated as literal values - are interpreted and prevent line wrapping. This causes the process to get stuck in an infinite loop, which keeps running even after the web server has timed out (at least when using CGI). This patch escapes the relevant input from the text field so the regular expression substitution treats characters as literals instead of as metacharacters. Signed-off-by: Martin Renvoize Signed-off-by: Nick Clemens (cherry picked from commit 3bd900496690375b2b711743ffaa57371388f687) Signed-off-by: Martin Renvoize (cherry picked from commit 296f6756ab51103d0e104e16cff312d28a8fd165) Signed-off-by: Lucas Gass --- C4/Patroncards/Patroncard.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/C4/Patroncards/Patroncard.pm b/C4/Patroncards/Patroncard.pm index 559d10d921..661a9e8ac5 100644 --- a/C4/Patroncards/Patroncard.pm +++ b/C4/Patroncards/Patroncard.pm @@ -260,7 +260,8 @@ sub draw_text { $line =~ m/^.*(\s.*\s*|\s&|\<.*\>)$/; warn sprintf('Line wrap failed. DEBUG INFO: Data: \'%s\'\n Method: C4::Patroncards->draw_text Additional Information: Line wrap regexp failed. (Please file in this information in a bug report at http://bugs.koha-community.org', $line) and last WRAP_LINES if !$1; $trim = $1 . $trim; - $line =~ s/$1//; + #Sanitize the input into this regular expression so regex metacharacters are escaped as literal values (https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22429) + $line =~ s/\Q$1\E//; $string_width = C4::Creators::PDF->StrWidth($line, $text_attribs->{'font'}, $text_attribs->{'font_size'}); # $font_units_width = $m->string_width($line); # $string_width = ($font_units_width * $text_attribs->{'font_size'}) / $units_per_em; -- 2.39.5