Check return value of preg_match in Sanitizer.php

preg_match returns bool to indicate if $regs contains content, check
that before using the array.

Bug: T75487
Change-Id: Idca50feb170e35ca25e9874674f5a4091748052a

diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index 104ce03..96193a7 100644 (file)
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -573,27 +573,25 @@ class Sanitizer {
                } else {
                        # this might be possible using tidy itself
                        foreach ( $bits as $x ) {
-                               preg_match( self::ELEMENT_BITS_REGEX, $x, $regs );
-
-                               wfSuppressWarnings();
-                               list( /* $qbar */, $slash, $t, $params, $brace, $rest ) = $regs;
-                               wfRestoreWarnings();
+                               if ( preg_match( self::ELEMENT_BITS_REGEX, $x, $regs ) ) {
+                                       list( /* $qbar */, $slash, $t, $params, $brace, $rest ) = $regs;
 
-                               $badtag = false;
-                               if ( isset( $htmlelements[$t = strtolower( $t )] ) ) {
-                                       if ( is_callable( $processCallback ) ) {
-                                               call_user_func_array( $processCallback, array( &$params, $args ) );
-                                       }
+                                       $badtag = false;
+                                       if ( isset( $htmlelements[$t = strtolower( $t )] ) ) {
+                                               if ( is_callable( $processCallback ) ) {
+                                                       call_user_func_array( $processCallback, array( &$params, $args ) );
+                                               }
 
-                                       if ( !Sanitizer::validateTag( $params, $t ) ) {
-                                               $badtag = true;
-                                       }
+                                               if ( !Sanitizer::validateTag( $params, $t ) ) {
+                                                       $badtag = true;
+                                               }
 
-                                       $newparams = Sanitizer::fixTagAttributes( $params, $t );
-                                       if ( !$badtag ) {
-                                               $rest = str_replace( '>', '>', $rest );
-                                               $text .= "<$slash$t$newparams$brace$rest";
-                                               continue;
+                                               $newparams = Sanitizer::fixTagAttributes( $params, $t );
+                                               if ( !$badtag ) {
+                                                       $rest = str_replace( '>', '&gt;', $rest );
+                                                       $text .= "<$slash$t$newparams$brace$rest";
+                                                       continue;
+                                               }
                                        }
                                }
                                $text .= '&lt;' . str_replace( '>', '&gt;', $x );