From 82cbc46592ce87e306f9cb8702471765c7bb3b2c Mon Sep 17 00:00:00 2001
From: MichaelDaum
Date: Wed, 17 May 2023 16:28:42 +0200
Subject: [PATCH] Item15192: improved fix to $EVAL()
---
 .../lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm | 1 +
 .../test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm | 3 +++
 2 files changed, 4 insertions(+)
diff --git a/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm b/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm
index b9e69eeaf..0fd11f1b2 100644
--- a/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm
+++ b/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm
@@ -1733,6 +1733,7 @@ sub _safeEvalPerl {
 # disable glob for security reasons
 $theText =~ s/^([\(\s]*)\<+/$1/g;
 $theText =~ s/\>+([\s\)]*)$/$1/g;
+ $theText =~ s/\<\s*\>/ /g;

 # remove leading 0s to defuse interpretation of numbers as octals
 $theText =~ s/(^|[^\.])\b0+(?=[0-9])/$1/g;
diff --git a/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm b/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm
index 65030f02d..32333a262 100755
--- a/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm
+++ b/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm
@@ -441,6 +441,9 @@ sub test_EVAL_GLOB {
 $this->assert( $this->CALC('$EVAL((<*>))') =~ /^ERROR:/ );
 $this->assert( $this->CALC('$EVAL(< * >)') =~ /^ERROR:/ );
 $this->assert( $this->CALC('$EVAL(<../../../ee*/* >)') =~ /^ERROR:/ );
+ $this->assert( $this->CALC('$EVAL(<>)') == 0 );
+ $this->assert( $this->CALC('$EVAL(2+<>+2)') == 4 );
+ $this->assert( $this->CALC('$EVAL(2+< >+2)') == 4 );
 }

 sub test_EVEN {
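Review bot: In the `_safeEvalPerl` hunk of Calc.pm, the added `s/\<\s*\>/ /g` removes only an empty or whitespace-only `<>`, and the two substitutions above it are anchored to the start and end of the string, so none of the three visible lines touches an angle-bracket pair that has content and sits between operands. Whether the filtering earlier in `_safeEvalPerl` (outside this hunk) already strips such content cannot be seen from here; a regression case of that shape in `test_EVAL_GLOB`, asserting whatever result is intended, would settle it. The existing comment says "disable glob", while an empty `<>` is Perl's readline on ARGV/STDIN rather than a glob, so I would add `# also drop an empty <> (readline) anywhere in the expression` above the new line.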
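Review bot: The added assertions in the `test_EVAL_GLOB` hunk of SpreadSheetPluginTests.pm compare with `==`, and Perl numifies a non-numeric string to 0, so `$this->CALC('$EVAL(<>)') == 0` would also pass if the call returned an `ERROR:` string, which is exactly what the earlier assertions in this test match on. Pairing it with a negative match, `$this->assert( $this->CALC('$EVAL(<>)') !~ /^ERROR:/ );`, would pin the intended non-error result. The two `== 4` cases cannot be satisfied by an error string, but the same pairing would keep the three checks uniform. The hunk starts inside `test_EVAL_GLOB`, whose opening lines are outside the diff.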