authorBrian Wolff <bawolff+wn@gmail.com>2023-08-06 01:12:36 -0700
committerBrian Wolff <bawolff+wn@gmail.com>2023-10-23 20:17:47 +0000
commit816ce7165128d9ef1f38687b155a4f92d529f6b4 (patch)
tree43017db677fd0b752b2ce033da83408e92cd01e7 /includes/libs/mime
parent7eb8efa71e7884d79c155d77e8f002ee8b5cb68e (diff)
Fix regex for parsing DTD entity internal subsets
I do not believe this has any security impact, since the branch of the regex does not allow ';' so it's impossible to overflow the quotes while still making a valid XML file. Follow up to bc31c5bd57e5f5 Change-Id: I1b735b3eb5375b1ce7eff7c690aee5b1c3c0d17e
Diffstat (limited to 'includes/libs/mime')
-rw-r--r--includes/libs/mime/XmlTypeCheck.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/libs/mime/XmlTypeCheck.php b/includes/libs/mime/XmlTypeCheck.php
index d17eeaa7a9cd..035057fed8e4 100644
--- a/includes/libs/mime/XmlTypeCheck.php
+++ b/includes/libs/mime/XmlTypeCheck.php
@@ -436,7 +436,7 @@ class XmlTypeCheck {
$res = preg_match(
'/^(?:\s*<!ENTITY\s+\S+\s+' .
'(?:"(?:&[^"%&;]{1,64};|(?:[^"%&]|&amp;|&quot;){0,255})"' .
- '|\'(?:&[^"%&;]{1,64};|(?:[^\'%&]|&amp;|&apos;){0,255})\')\s*>' .
+ '|\'(?:&[^\'%&;]{1,64};|(?:[^\'%&]|&amp;|&apos;){0,255})\')\s*>' .
'|\s*<!--(?:[^-]|-[^-])*-->' .
'|\s*<!ATTLIST svg xmlns:xlink CDATA #FIXED ' .
'"http:\/\/www.w3.org\/1999\/xlink">)*\s*$/',
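Review bot: The corrected single-quoted alternative on the `+` line has no comment stating the invariant it restores: the `&…;` character class inside each quoted branch must exclude that branch's own delimiter, otherwise this check and the XML parser can disagree on where an entity value ends. I would add above the pattern `// Each quoted branch must exclude its own quote character from the &name; class so the value cannot end early.`, since the original mismatch looks like a copy from the double-quoted branch and could be reintroduced the same way. No regression test is visible here, though the diffstat is limited to includes/libs/mime, so one may exist elsewhere; if not, a case with a single-quoted entity value containing `'` inside the reference should be asserted as rejected. The `preg_match` call starts in this hunk but its remaining arguments and the handling of `$res` are outside it, so it is worth confirming that a `false` return (PCRE error such as a backtrack limit) is treated as a failed match rather than as success.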