Billion laughs detection in wordfilters

ctrlcctrlv · c3ff6daa5317b83f5f40585dfa37e506118e1d79 · ctrlcctrlv committed Feb 16, 2015 · Feb 16, 2015 · c3ff6da
1 parent 0cef3a8
commit c3ff6daa5317b83f5f40585dfa37e506118e1d79
Unified Split

Showing with 25 additions and 0 deletions.

+25 −0 inc/8chan-mod-pages.php
@@ -14,6 +14,28 @@ function purify($s){
 		}
 	}
 
+	if (!function_exists('is_billion_laughs')){
+		function is_billion_laughs($arr1, $arr2) {
+			$arr = array();
+			foreach ($arr1 as $k => $v) {
+				$arr[$v] = $arr2[$k];
+			}
+
+			for ($i = 0; $i <= sizeof($arr); $i++) {
+				$cur = array_slice($arr, $i, 1);
+				$pst = array_slice($arr, 0, $i);
+				if (!$cur) continue;
+				$kk = array_keys($cur)[0];
+				$vv = array_values($cur)[0];
+				foreach ($pst as $k => $v) {
+					if (str_replace($kk, $vv, $v) != $v)
+						return true;
+				}
+			}
+			return false;
+		}
+	}
+
 	$config['mod']['show_ip'] = GLOBALVOLUNTEER;
 	$config['mod']['show_ip_less'] = BOARDVOLUNTEER;
 	$config['mod']['manageusers'] = GLOBALVOLUNTEER;
@@ -459,6 +481,9 @@ function purify($s){
 						}
 					}
 				}
+				if (is_billion_laughs($_POST['replace'], $_POST['with'])) {
+					error(_('Wordfilters may not wordfilter previous wordfilters. For example, if a filters to bb and b filters to cc, that is not allowed.'));
+				}
 			}
 
 			if (isset($_POST['hour_max_threads']) && in_array($_POST['hour_max_threads'], ['10', '25', '50', '100'])) {