Item15192: improved fix to $EVAL()

foswiki · May 22, 2023 · a0bc7a1 · a0bc7a1
1 parent aa5fe1d
commit a0bc7a1
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm b/SpreadSheetPlugin/lib/Foswiki/Plugins/SpreadSheetPlugin/Calc.pm
@@ -1735,11 +1735,13 @@ sub _safeEvalPerl {
 
     # remove "e"-s unless in expression such as "123e-4"
     $theText =~ s/(^|[^0-9])e/$1/g;
+
+    # untaint variable
     $theText =~ /(.*)/;
-    $theText = $1;                               # untainted variable
+    $theText = $1;
 
     # disable glob for security reasons
-    while ( $theText =~ s/\<[\.\*\/\?\se]*\>/ /g ) {
+    while ( $theText =~ s/\<[\.\*\/\?\se\<]*\>/ /g ) {
         1;
     }
 

diff --git a/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm b/SpreadSheetPlugin/test/unit/SpreadSheetPlugin/SpreadSheetPluginTests.pm
@@ -437,9 +437,11 @@ sub test_EVAL {
 sub test_EVAL_GLOB {
     my ($this) = @_;
 
+    $this->assert( $this->CALC('$EVAL(1 < 2 + 2 > 1)') == 1 );
+    $this->assert( $this->CALC('$EVAL(1 <2 <> )') == 1 );
     $this->assert( $this->CALC('$EVAL(<>)') == 0 );
-    $this->assert( $this->CALC('$EVAL(<<>>)') == 0 );
-    $this->assert( $this->CALC('$EVAL(<<<>>>)') == 0 );
+    $this->assert( $this->CALC('$EVAL(<<>>)')   =~ /^ERROR:/ );
+    $this->assert( $this->CALC('$EVAL(<<<>>>)') =~ /^ERROR:/ );
     $this->assert( $this->CALC('$EVAL(<*>)') == 0 );
     $this->assert( $this->CALC('$EVAL((<*>))') == 0 );
     $this->assert( $this->CALC('$EVAL(< * >)') == 0 );