Parser: Don't swallow chars if a logical operator is missing

nilmerg · nilmerg · commit 409862f9597c · 2021-10-29T13:16:18.000+02:00
diff --git a/src/Filter/Parser.php b/src/Filter/Parser.php
@@ -134,6 +134,11 @@ protected function readFilters($nestingLevel = 0, $op = null, $filters = null, $
                             $this->pos--;
                         } else {
                             $this->termIndex++;
+                            $next = $this->nextChar();
+                            if ($next !== false && ! in_array($next, ['&', '|', ')'])) {
+                                $this->pos++;
+                                $this->parseError($next, 'Expected logical operator');
+                            }
                         }
 
                         break;
@@ -227,6 +232,11 @@ protected function readFilters($nestingLevel = 0, $op = null, $filters = null, $
                             $this->pos--;
                         } else {
                             $this->termIndex++;
+                            $next = $this->nextChar();
+                            if ($next !== false && ! in_array($next, ['&', '|', ')'])) {
+                                $this->pos++;
+                                $this->parseError($next, 'Expected logical operator');
+                            }
                         }
 
                         break;
diff --git a/tests/ParserTest.php b/tests/ParserTest.php
@@ -3,10 +3,31 @@
 namespace ipl\Tests\Web;
 
 use ipl\Stdlib\Filter;
+use ipl\Web\Filter\ParseException;
 use ipl\Web\Filter\Parser;
 
 class ParserTest extends TestCase
 {
+    public function testMissingLogicalOperatorsAfterConditionsAreDetected()
+    {
+        $this->expectException(ParseException::class);
+        $this->expectExceptionMessage(
+            'Invalid filter "(a=b|c=d)e=f", unexpected e at pos 10: Expected logical operator'
+        );
+
+        (new Parser('(a=b|c=d)e=f'))->parse();
+    }
+
+    public function testMissingLogicalOperatorsAfterOperatorsAreDetected()
+    {
+        $this->expectException(ParseException::class);
+        $this->expectExceptionMessage(
+            'Invalid filter "(a=b|c=d|)e=f", unexpected e at pos 11: Expected logical operator'
+        );
+
+        (new Parser('(a=b|c=d|)e=f'))->parse();
+    }
+
     public function testSimpleIndexRecognition()
     {
         $filter = (new Parser('a=b&c=d|e=|g'))->parse();
