parser: Validate $length in padleft/padright parser functions

$length is user input, so cast it to an int before passing it to min().
If there is nothing to add at that point, return immediately.

In PHP 7.1+ this raised a warning of "A non-numeric value encountered"
because min() will return the junk value, returning a string. Then we
try and subtract an int from it (return value of mb_strlen()),
triggering the warning.

Added a parser test to verify the behavior, and confirmed that it
triggers warnings without the patch.

Bug: T180403
Change-Id: I614750962104f6251a864519035366ac9798fc0f
(cherry picked from commit dc96f656affd1f8fab0ae72b0d96e77055e5b336)

diff --git a/includes/parser/CoreParserFunctions.php b/includes/parser/CoreParserFunctions.php
index d408c7f..0e30b3c 100644 (file)
--- a/includes/parser/CoreParserFunctions.php
+++ b/includes/parser/CoreParserFunctions.php
@@ -882,7 +882,7 @@ class CoreParserFunctions {
         * Unicode-safe str_pad with the restriction that $length is forced to be <= 500
         * @param Parser $parser
         * @param string $string
-        * @param int $length
+        * @param string $length
         * @param string $padding
         * @param int $direction
         * @return string
@@ -897,7 +897,12 @@ class CoreParserFunctions {
                }
 
                # The remaining length to add counts down to 0 as padding is added
-               $length = min( $length, 500 ) - mb_strlen( $string );
+               $length = min( (int)$length, 500 ) - mb_strlen( $string );
+               if ( $length <= 0 ) {
+                       // Nothing to add
+                       return $string;
+               }
+
                # $finalPadding is just $padding repeated enough times so that
                # mb_strlen( $string ) + mb_strlen( $finalPadding ) == $length
                $finalPadding = '';

diff --git a/tests/parser/parserTests.txt b/tests/parser/parserTests.txt
index 05afefa..679bb0a 100644 (file)
--- a/tests/parser/parserTests.txt
+++ b/tests/parser/parserTests.txt
@@ -24585,6 +24585,17 @@ abc
 <span typeof="mw:Transclusion" data-mw='{"parts":[{"template":{"target":{"wt":"padright:","function":"padright"},"params":{"1":{"wt":"3"},"2":{"wt":"abcde"}},"i":0}}]}'>abc</span></p>
 !! end
 
+!! test
+Padleft and padright with non-numerical length (T180403)
+!! wikitext
+{{padleft:abcdef|junk}}
+{{padright:abcdef|junk}}
+!! html/php
+<p>abcdef
+abcdef
+</p>
+!! end
+
 !!test
 Special parser function
 !! wikitext