MAGETWO-65715: Upgrade zend Framework 1 to 1.12.20

igrybkov · igrybkov · commit bc5258a7831c · 2017-03-24T14:08:24.000+02:00
- Merge tag 'release-1.12.19' into MAGETWO-65715-1.12.20
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,5 +1,18 @@
 # CONTRIBUTING
 
+> ## End-of-Life occurs 28 Sep 2016
+>
+> Between now and 28 Sep 2016, we will only be accepting security patches to
+> this repository; after that date, we will issue no more releases.
+>
+> For more information:
+>
+> - https://framework.zend.com/blog/2016-06-28-zf1-eol.html
+
+---
+
+> ## Contributors License Agreement
+>
 > **To submit code, patches, and proposals to Zend Framework, contributors must
 agree to the New BSD License and also submit a signed
 [Contributor License Agreement (CLA)](https://github.com/zendframework/zf1/wiki/Contributor-License-Agreement-%28CLA%29).**
@@ -38,4 +51,4 @@ contributors a chance to resolve the vulnerability and issue a new release prior
 to any public exposure; this helps protect Zend Framework users and provides
 them with a chance to upgrade and/or update in order to protect their applications.
 
-For sensitive email communications, please use [our PGP key](http://framework.zend.com/zf-security-pgp-key.asc).
+For sensitive email communications, please use [our PGP key](http://framework.zend.com/zf-security-pgp-key.asc).
diff --git a/library/Zend/Db/Select.php b/library/Zend/Db/Select.php
@@ -81,7 +81,9 @@ class Zend_Db_Select
     const SQL_ASC        = 'ASC';
     const SQL_DESC       = 'DESC';
 
-    const REGEX_COLUMN_EXPR = '/^([\w]*\s*\(([^\(\)]|(?1))*\))$/';
+    const REGEX_COLUMN_EXPR       = '/^([\w]*\s*\(([^\(\)]|(?1))*\))$/';
+    const REGEX_COLUMN_EXPR_ORDER = '/^([\w]+\s*\(([^\(\)]|(?1))*\))$/';
+    const REGEX_COLUMN_EXPR_GROUP = '/^([\w]+\s*\(([^\(\)]|(?1))*\))$/';
 
     /**
      * Bind variables for query
@@ -511,7 +513,7 @@ public function group($spec)
         }
 
         foreach ($spec as $val) {
-            if (preg_match(self::REGEX_COLUMN_EXPR, (string) $val)) {
+            if (preg_match(self::REGEX_COLUMN_EXPR_GROUP, (string) $val)) {
                 $val = new Zend_Db_Expr($val);
             }
             $this->_parts[self::GROUP][] = $val;
@@ -603,7 +605,7 @@ public function order($spec)
                     $val = trim($matches[1]);
                     $direction = $matches[2];
                 }
-                if (preg_match(self::REGEX_COLUMN_EXPR, $val)) {
+                if (preg_match(self::REGEX_COLUMN_EXPR_ORDER, $val)) {
                     $val = new Zend_Db_Expr($val);
                 }
                 $this->_parts[self::ORDER][] = array($val, $direction);
diff --git a/library/Zend/Version.php b/library/Zend/Version.php
@@ -32,7 +32,7 @@ final class Zend_Version
     /**
      * Zend Framework version identification - see compareVersion()
      */
-    const VERSION = '1.12.18';
+    const VERSION = '1.12.19';
 
     /**
      * The latest stable version Zend Framework available
diff --git a/tests/Zend/Db/Select/StaticTest.php b/tests/Zend/Db/Select/StaticTest.php
@@ -834,6 +834,10 @@ public function testSqlInjectionWithOrder()
         $select = $this->_db->select();
         $select->from(array('p' => 'products'))->order('MD5(1);drop table products; -- )');
         $this->assertEquals('SELECT "p".* FROM "products" AS "p" ORDER BY "MD5(1);drop table products; -- )" ASC', $select->assemble());
+
+        $select = $this->_db->select();
+        $select->from('p')->order("MD5(\";(\");DELETE FROM p2; SELECT 1 #)");
+        $this->assertEquals('SELECT "p".* FROM "p" ORDER BY "MD5("";("");DELETE FROM p2; SELECT 1 #)" ASC', $select->assemble());
     }
 
     public function testSqlInjectionWithGroup()
@@ -845,6 +849,10 @@ public function testSqlInjectionWithGroup()
         $select = $this->_db->select();
         $select->from(array('p' => 'products'))->group('MD5(1); drop table products; -- )');
         $this->assertEquals('SELECT "p".* FROM "products" AS "p" GROUP BY "MD5(1); drop table products; -- )"', $select->assemble());
+
+        $select = $this->_db->select();
+        $select->from('p')->group("MD5(\";(\");DELETE FROM p2; SELECT 1 #)");
+        $this->assertEquals('SELECT "p".* FROM "p" GROUP BY "MD5("";("");DELETE FROM p2; SELECT 1 #)"', $select->assemble());
     }
 
     public function testSqlInjectionInColumn()

Original file line number	Diff line number	Diff line change
`@@ -81,7 +81,9 @@ class Zend_Db_Select`
`81`	`81`	`const SQL_ASC = 'ASC';`
`82`	`82`	`const SQL_DESC = 'DESC';`
`83`	`83`
`84`		`- const REGEX_COLUMN_EXPR = '/^([\w]\s\(([^\(\)]\|(?1))*\))$/';`
	`84`	`+ const REGEX_COLUMN_EXPR = '/^([\w]\s\(([^\(\)]\|(?1))*\))$/';`
	`85`	`+ const REGEX_COLUMN_EXPR_ORDER = '/^([\w]+\s\(([^\(\)]\|(?1))\))$/';`
	`86`	`+ const REGEX_COLUMN_EXPR_GROUP = '/^([\w]+\s\(([^\(\)]\|(?1))\))$/';`
`85`	`87`
`86`	`88`	`/**`
`87`	`89`	`* Bind variables for query`
`@@ -511,7 +513,7 @@ public function group($spec)`
`511`	`513`	`}`
`512`	`514`
`513`	`515`	`foreach ($spec as $val) {`
`514`		`- if (preg_match(self::REGEX_COLUMN_EXPR, (string) $val)) {`
	`516`	`+ if (preg_match(self::REGEX_COLUMN_EXPR_GROUP, (string) $val)) {`
`515`	`517`	`$val = new Zend_Db_Expr($val);`
`516`	`518`	`}`
`517`	`519`	`$this->_parts[self::GROUP][] = $val;`
`@@ -603,7 +605,7 @@ public function order($spec)`
`603`	`605`	`$val = trim($matches[1]);`
`604`	`606`	`$direction = $matches[2];`
`605`	`607`	`}`
`606`		`- if (preg_match(self::REGEX_COLUMN_EXPR, $val)) {`
	`608`	`+ if (preg_match(self::REGEX_COLUMN_EXPR_ORDER, $val)) {`
`607`	`609`	`$val = new Zend_Db_Expr($val);`
`608`	`610`	`}`
`609`	`611`	`$this->_parts[self::ORDER][] = array($val, $direction);`