Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F585127
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
3 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/includes/libs/Stats/StatsUtils.php b/includes/libs/Stats/StatsUtils.php
index 45539394ba7..f8ee595cfc7 100644
--- a/includes/libs/Stats/StatsUtils.php
+++ b/includes/libs/Stats/StatsUtils.php
@@ -128,11 +128,15 @@ class StatsUtils {
* Replace all other non-alphanumeric characters with an underscore.
* Trim leading or trailing underscores.
*
+ * Note: We are not using /i (case-insensitive flag)
+ * or \d (digit character class escape) here because
+ * their behavior changes with respect to locale settings.
+ *
* @param string $entity
* @return string
*/
public static function normalizeString( string $entity ): string {
- $entity = preg_replace( '/[^a-z\d]+/i', '_', $entity );
- return trim( $entity, "_" );
+ $entity = preg_replace( '/[^a-zA-Z0-9]+/', '_', $entity );
+ return trim( $entity, '_' );
}
}
diff --git a/includes/libs/Stats/UnitTestingHelper.php b/includes/libs/Stats/UnitTestingHelper.php
index fc1f2f50823..4c1415f7dad 100644
--- a/includes/libs/Stats/UnitTestingHelper.php
+++ b/includes/libs/Stats/UnitTestingHelper.php
@@ -285,8 +285,8 @@ class UnitTestingHelper {
);
throw new InvalidArgumentException( "Filter components cannot be empty." );
}
- $key = preg_replace( '/[^a-z\d_]+/i', '', $key );
- $value = preg_replace( '/[^a-z\d_]+/i', '', $value );
+ $key = preg_replace( '/[^a-zA-Z0-9_]+/', '', $key );
+ $value = preg_replace( '/[^a-zA-Z0-9_]+/', '', $value );
return [ $key, $value, $operator ];
}
diff --git a/tests/phpunit/unit/includes/libs/Stats/MetricTest.php b/tests/phpunit/unit/includes/libs/Stats/MetricTest.php
index 3786eb5e71e..5b277f9540c 100644
--- a/tests/phpunit/unit/includes/libs/Stats/MetricTest.php
+++ b/tests/phpunit/unit/includes/libs/Stats/MetricTest.php
@@ -12,6 +12,7 @@ use Wikimedia\Stats\Metrics\NullMetric;
use Wikimedia\Stats\OutputFormats;
use Wikimedia\Stats\StatsCache;
use Wikimedia\Stats\StatsFactory;
+use Wikimedia\Stats\StatsUtils;
use Wikimedia\TestingAccessWrapper;
/**
@@ -439,6 +440,12 @@ class MetricTest extends TestCase {
);
}
+ public function testNormalizeStringLocaleHardening() {
+ // Confirm that e.g. the Turkish capital I (U+0130) is stripped
+ // It might not be e.g. when using the tr_TR locale on PHP < 8.2
+ $this->assertSame( 'test_value', StatsUtils::normalizeString( "test\u{0130} value" ) );
+ }
+
public function testSetLabelReserved() {
$metric = @StatsFactory::newNull()->getCounter( 'test' )->setLabel( 'Le', 'foo' );
$this->assertInstanceOf( NullMetric::class, $metric );
diff --git a/tests/phpunit/unit/includes/libs/Stats/StatsFactoryTest.php b/tests/phpunit/unit/includes/libs/Stats/StatsFactoryTest.php
index cfa8927512e..49ec2018f37 100644
--- a/tests/phpunit/unit/includes/libs/Stats/StatsFactoryTest.php
+++ b/tests/phpunit/unit/includes/libs/Stats/StatsFactoryTest.php
@@ -56,7 +56,7 @@ class StatsFactoryTest extends TestCase {
public function testNormalizeString() {
$this->assertEquals(
'new_metric_and_things',
- StatsUtils::normalizeString( 'new metric @#&^and *-&-*things-*&-*!@#&^%#$' )
+ StatsUtils::normalizeString( '_new metric ____@#&^and *-&-*things-*&-*!@#&^%#$__' )
);
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sat, Jul 5, 5:32 AM (17 h, 44 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
227545
Default Alt Text
(3 KB)
Attached To
Mode
rMW mediawiki
Attached
Detach File
Event Timeline
Log In to Comment