Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: esc(..., 'raw') fails on recursive data structures #8624

Closed
Cleric-K opened this issue Mar 14, 2024 · 1 comment · Fixed by #8633
Closed

Bug: esc(..., 'raw') fails on recursive data structures #8624

Cleric-K opened this issue Mar 14, 2024 · 1 comment · Fixed by #8633
Labels
bug Verified issues on the current code behavior or pull requests that will fix them

Comments

@Cleric-K
Copy link
Contributor

PHP Version

8.2

CodeIgniter4 Version

4.4.6

CodeIgniter4 Installation Method

Composer (as dependency to an existing project)

Which operating systems have you tested for this bug?

Linux

Which server did you use?

apache

Database

No response

What happened?

In the process of upgrading from CI3 -> 4, I encountered a problem with a view() that uses a fairly complex $data structure including &references between elements. Even though the view() helper calls setData() with $context = 'raw', this still ends up in infinite recursion because esc() iterates through the fields of the array and calls esc(..., 'raw') on them. This whole operation is completely unnecessary because in the end it does not escape anything. However, because of the self-references, this walking of the array ends up in infinite recursion.

The esc() function should return $data immediately in the case of 'raw'. There's no need to walk the whole array tree just to build it anew.

Steps to Reproduce

A non-realistic example, just to illustrate the point:

$data = ['key' => []];
$data['key']['recur'] = &$data;
esc($data, 'raw');

Expected Output

The exact same $data array, without iterating its values.

Anything else?

No response
@Cleric-K Cleric-K added the bug Verified issues on the current code behavior or pull requests that will fix them label Mar 14, 2024
@kenjis
Copy link
Member

kenjis commented Mar 17, 2024

You have a valid point. Can you send a PR?
https://github.com/codeigniter4/CodeIgniter4/blob/develop/contributing/README.md

Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 18, 2024
@Cleric-K
Fix esc() for 'raw' context codeigniter4#8624
afe552f
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 18, 2024
@Cleric-K
Fix esc() for 'raw' context (codeigniter4#8624)
a3e8039
@kenjis kenjis mentioned this issue Mar 18, 2024
Merged
5 tasks
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 18, 2024
@Cleric-K
esc() for 'raw' context (Fixes codeigniter4#8624)
7447f7f
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 18, 2024
@Cleric-K
esc() for 'raw' context (Fixes codeigniter4#8624)
88ec458
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 19, 2024
@Cleric-K
esc() for 'raw' context (Fixes codeigniter4#8624)
8bdbd50
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 20, 2024
@Cleric-K
esc() for 'raw' context (Fixes codeigniter4#8624)
0b930cc
Cleric-K added a commit to Cleric-K/CodeIgniter4 that referenced this issue Mar 20, 2024
@Cleric-K
esc() for 'raw' context (Fixes codeigniter4#8624)
c9a1bfe
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Verified issues on the current code behavior or pull requests that will fix them
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: esc() for 'raw' context Cleric-K/CodeIgniter4
2 participants
@kenjis @Cleric-K