Merge branch 'EreMaijala-fix-backtrack-limit'

Author: matthiasmullie

src/CSS.php

@@ -13,6 +13,7 @@
 namespace MatthiasMullie\Minify;
 
 use MatthiasMullie\Minify\Exceptions\FileImportException;
+use MatthiasMullie\Minify\Exceptions\PatternMatchException;
 use MatthiasMullie\PathConverter\Converter;
 use MatthiasMullie\PathConverter\ConverterInterface;
 
@@ -296,6 +297,8 @@ protected function importFiles($source, $content)
      * @param string[] $parents Parent paths, for circular reference checks
      *
      * @return string The minified data
+     *
+     * @throws PatternMatchException
      */
     public function execute($path = null, $parents = array())
     {
@@ -733,36 +736,59 @@ protected function stripComments()
      * @param string $content The CSS content to strip the whitespace for
      *
      * @return string
+     *
+     * @throws PatternMatchException
      */
     protected function stripWhitespace($content)
     {
         // remove leading & trailing whitespace
-        $content = preg_replace('/^\s*/m', '', $content);
-        $content = preg_replace('/\s*$/m', '', $content);
+        $content = $this->pregReplace('/^\s*/m', '', $content);
+        $content = $this->pregReplace('/\s*$/m', '', $content);
 
         // replace newlines with a single space
-        $content = preg_replace('/\s+/', ' ', $content);
+        $content = $this->pregReplace('/\s+/', ' ', $content);
 
         // remove whitespace around meta characters
         // inspired by stackoverflow.com/questions/15195750/minify-compress-css-with-regex
-        $content = preg_replace('/\s*([\*$~^|]?+=|[{};,>~]|!important\b)\s*/', '$1', $content);
-        $content = preg_replace('/([\[(:>\+])\s+/', '$1', $content);
-        $content = preg_replace('/\s+([\]\)>\+])/', '$1', $content);
-        $content = preg_replace('/\s+(:)(?![^\}]*\{)/', '$1', $content);
+        $content = $this->pregReplace('/\s*([\*$~^|]?+=|[{};,>~]|!important\b)\s*/', '$1', $content);
+        $content = $this->pregReplace('/([\[(:>\+])\s+/', '$1', $content);
+        $content = $this->pregReplace('/\s+([\]\)>\+])/', '$1', $content);
+        $content = $this->pregReplace('/\s+(:)(?![^\}]*\{)/', '$1', $content);
 
         // whitespace around + and - can only be stripped inside some pseudo-
         // classes, like `:nth-child(3+2n)`
         // not in things like `calc(3px + 2px)`, shorthands like `3px -2px`, or
         // selectors like `div.weird- p`
         $pseudos = array('nth-child', 'nth-last-child', 'nth-last-of-type', 'nth-of-type');
-        $content = preg_replace('/:(' . implode('|', $pseudos) . ')\(\s*([+-]?)\s*(.+?)\s*([+-]?)\s*(.*?)\s*\)/', ':$1($2$3$4$5)', $content);
+        $content = $this->pregReplace('/:(' . implode('|', $pseudos) . ')\(\s*([+-]?)\s*(.+?)\s*([+-]?)\s*(.*?)\s*\)/', ':$1($2$3$4$5)', $content);
 
         // remove semicolon/whitespace followed by closing bracket
         $content = str_replace(';}', '}', $content);
 
         return trim($content);
     }
 
+    /**
+     * Perform a preg_replace and check for errors.
+     *
+     * @param string $pattern Pattern
+     * @param string $replacement Replacement
+     * @param string $subject String to process
+     *
+     * @return string
+     *
+     * @throws PatternMatchException
+     */
+    protected function pregReplace($pattern, $replacement, $subject)
+    {
+        $result = preg_replace($pattern, $replacement, $subject);
+        if ($result === null) {
+            throw PatternMatchException::fromLastError("Failed to replace with pattern '$pattern'");
+        }
+
+        return $result;
+    }
+
     /**
      * Replace all occurrences of functions that may contain math, where
      * whitespace around operators needs to be preserved (e.g. calc, clamp).

src/Exceptions/PatternMatchException.php

@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * Pattern match exception.
+ *
+ * Please report bugs on https://github.com/matthiasmullie/minify/issues
+ *
+ * @author Ere Maijala <[email protected]>
+ * @copyright Copyright (c) 2012, Matthias Mullie. All rights reserved
+ * @license MIT License
+ */
+
+namespace MatthiasMullie\Minify\Exceptions;
+
+/**
+ * Pattern Match Exception Class.
+ *
+ * @author Ere Maijala <[email protected]>
+ */
+class PatternMatchException extends BasicException
+{
+    /**
+     * Create an exception from preg_last_error.
+     *
+     * @param string $msg Error message
+     */
+    public static function fromLastError($msg)
+    {
+        $msg .= ': Error ' . preg_last_error();
+        if (PHP_MAJOR_VERSION >= 8) {
+            $msg .= ' - ' . preg_last_error_msg();
+        }
+
+        return new PatternMatchException($msg);
+    }
+}

src/Minify.php

@@ -13,6 +13,7 @@
 namespace MatthiasMullie\Minify;
 
 use MatthiasMullie\Minify\Exceptions\IOException;
+use MatthiasMullie\Minify\Exceptions\PatternMatchException;
 use Psr\Cache\CacheItemInterface;
 
 /**
@@ -265,23 +266,9 @@ protected function registerPattern($pattern, $replacement = '')
      */
     protected function stripMultilineComments()
     {
-        // First extract comments we want to keep, so they can be restored later
-        // PHP only supports $this inside anonymous functions since 5.4
         $minifier = $this;
-        $callback = function ($match) use ($minifier) {
-            $count = count($minifier->extracted);
-            $placeholder = '/*' . $count . '*/';
-            $minifier->extracted[$placeholder] = $match[0];
-
-            return $placeholder;
-        };
-        $this->registerPattern('/
-            # optional newline
-            \n?
-
-            # start comment
-            \/\*
-
+        // Pattern for matching comments that we want to preserve
+        $keepPattern = '/^
             # comment content
             (?:
                 # either starts with an !
@@ -293,14 +280,24 @@ protected function stripMultilineComments()
                 # there is either a @license or @preserve tag
                 @(?:license|preserve)
             )
+            /ixs';
+        $callback = function ($match) use ($minifier, $keepPattern) {
+            if (preg_match($keepPattern, $match[1])) {
+                // Preserve the comment
+                $count = count($minifier->extracted);
+                $placeholder = '/*' . $count . '*/';
+                $minifier->extracted[$placeholder] = $match[0];
+            } else {
+                // Discard the comment but keep any single line feed
+                $placeholder = strncmp($match[0], "\n", 1) === 0 || substr($match[0], -1) === "\n"
+                    ? "\n"
+                    : '';
+            }
 
-            # then match to the end of the comment
-            .*?\*\/\n?
-
-            /ixs', $callback);
+            return $placeholder;
+        };
 
-        // Then strip all other comments
-        $this->registerPattern('/\/\*.*?\*\//s', '');
+        $this->registerPattern('/\n?\/\*(.*?)\*\/\n?/s', $callback);
     }
 
     /**
@@ -314,6 +311,8 @@ protected function stripMultilineComments()
      * @param string $content The content to replace patterns in
      *
      * @return string The (manipulated) content
+     *
+     * @throws PatternMatchException
      */
     protected function replace($content)
     {
@@ -341,14 +340,20 @@ protected function replace($content)
                 }
 
                 $match = null;
-                if (preg_match($pattern, $content, $match, PREG_OFFSET_CAPTURE, $processedOffset)) {
+                $matchResult = preg_match($pattern, $content, $match, PREG_OFFSET_CAPTURE, $processedOffset);
+                if ($matchResult) {
                     $matches[$i] = $match;
 
                     // we'll store the match position as well; that way, we
                     // don't have to redo all preg_matches after changing only
                     // the first (we'll still know where those others are)
                     $positions[$i] = $match[0][1];
                 } else {
+                    if ($matchResult === false) {
+                        throw PatternMatchException::fromLastError(
+                            "Failed to match pattern '$pattern' at $processedOffset"
+                        );
+                    }
                     // if the pattern couldn't be matched, there's no point in
                     // executing it again in later runs on this same content;
                     // ignore this one until we reach end of content
@@ -445,6 +450,11 @@ protected function extractStrings($chars = '\'"', $placeholderPrefix = '')
         };
 
         /*
+         * Quantifier {0,65535} is used instead of *? to avoid exceeding
+         * backtrack limit with large strings. 65535 is the maximum allowed
+         * (see https://www.php.net/manual/en/regexp.reference.repetition.php)
+         * and should be well sufficient for string representations here.
+         *
          * The \\ messiness explained:
          * * Don't count ' or " as end-of-string if it's escaped (has backslash
          * in front of it)
@@ -456,7 +466,8 @@ protected function extractStrings($chars = '\'"', $placeholderPrefix = '')
          * considered as escape-char (times 2) and to get it in the regex,
          * escaped (times 2)
          */
-        $this->registerPattern('/([' . $chars . '])(.*?(?<!\\\\)(\\\\\\\\)*+)\\1/s', $callback);
+
+        $this->registerPattern('/([' . $chars . '])(.{0,65535}?(?<!\\\\)(\\\\\\\\)*+)\\1/s', $callback);
     }
 
     /**

tests/CSS/CSSTest.php

@@ -98,6 +98,21 @@ public function testSetConfig()
         $this->assertEquals($property->getValue($minifier), array('gif' => 'data:image/gif'));
     }
 
+    /**
+     * Test minifier error handling.
+     */
+    public function testErrorHandling()
+    {
+        // long whitespace that could exceed pcre.backtrack_limit
+        $limit = (int) (ini_get('pcre.backtrack_limit') ?: 1000000);
+        $src = '.a1::after{content: "2"}' . str_repeat(' ', $limit) . '.a1::after{content: "1"}';
+
+        $minifier = $this->getMinifier();
+        $minifier->add($src);
+        $this->expectException('MatthiasMullie\Minify\Exceptions\PatternMatchException');
+        $minifier->minify();
+    }
+
     /**
      * @return array [input, expected result]
      */
@@ -880,6 +895,13 @@ public static function dataProvider()
             'a{color:rgba(var(--bs-link-color-rgb),var(--bs-link-opacity,1));text-decoration:none}a:hover{--bs-link-color-rgb:var(--bs-link-hover-color-rgb)}a:not([href]):not([class]),a:not([href]):not([class]):hover{color:inherit;text-decoration:none}',
         );
 
+        // a large stylesheet that could exceed pcre.backtrack_limit
+        $limit = (int) (ini_get('pcre.backtrack_limit') ?: 1000000);
+        $tests[] = array(
+            '.a1::after{content: "2"}/* Comment with apostrophe\' */' . str_repeat('a{}', (int) ($limit / 3)) . '/* Comment with apostrophe\' */.a1::after{content: "1"}',
+            '.a1::after{content:"2"}.a1::after{content:"1"}',
+        );
+
         return $tests;
     }