Fix regex injection (#1079)

Closes #1078
nelmio · Feb 27, 2021 · b57f4c6 · b57f4c6
1 parent 183961d
commit b57f4c6
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/src/Definition/Value/FixtureMatchReferenceValue.php b/src/Definition/Value/FixtureMatchReferenceValue.php
@@ -38,19 +38,19 @@ public function __construct(string $pattern)
      */
     public static function createWildcardReference(string $reference): self
     {
-        return new self(sprintf('/^%s.*/', $reference));
+        return new self(sprintf('/^%s.*/', preg_quote($reference, '/')));
     }
 
     public function match(string $value): bool
     {
         return 1 === preg_match($this->pattern, $value);
     }
-    
+
     public function getValue(): string
     {
         return $this->pattern;
     }
-    
+
     public function __toString(): string
     {
         return sprintf('@(regex: %s)', $this->pattern);

diff --git a/tests/Definition/Value/FixtureMatchReferenceValueTest.php b/tests/Definition/Value/FixtureMatchReferenceValueTest.php
@@ -56,4 +56,10 @@ public function testCanBeCastedIntoAString(): void
         $value = FixtureMatchReferenceValue::createWildcardReference('dummy');
         static::assertEquals('@(regex: /^dummy.*/)', (string) $value);
     }
+
+    public function testReferenceIsRegexEscaped(): void
+    {
+        $value = FixtureMatchReferenceValue::createWildcardReference('du/m*m+y.ref[ere]n(c)e');
+        static::assertEquals('/^du\\/m\\*m\\+y\\.ref\\[ere\\]n\\(c\\)e.*/', $value->getValue());
+    }
 }