diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2023-02-25 21:03:40 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2023-02-25 21:03:40 +0100 |
| commit | 40f2b82e44ba06c5ee07e919237eb7273e3c1447 (patch) | |
| tree | d40656592c90c6d44faf3e02903217c636e52776 /inc | |
| parent | a42c05d2dd170bfdf65b34862ce9ed085297d733 (diff) | |
| download | dokuwiki-40f2b82e44ba06c5ee07e919237eb7273e3c1447.tar.gz dokuwiki-40f2b82e44ba06c5ee07e919237eb7273e3c1447.zip | |
Fix unititialized string offset access in query parser
The code always tried to access positon 2 of the parsed token, even for
tokens shorter than that (like OR)
fixes #3896
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/fulltext.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/inc/fulltext.php b/inc/fulltext.php index d2e579544..fda2b0e5b 100644 --- a/inc/fulltext.php +++ b/inc/fulltext.php @@ -845,7 +845,7 @@ function ft_queryParser($Indexer, $query){ $q['parsed_ary'] = $parsed_ary; foreach ($q['parsed_ary'] as $token) { - if ($token[2] !== ':') continue; + if (strlen($token) < 3 || $token[2] !== ':') continue; $body = substr($token, 3); switch (substr($token, 0, 3)) { |