Bugfix/rand without param v3 (#796)

* Fixed use of `rand()` without a parameter in math function (for v3.1)
Fixes #794

* Add change in regex for PRCE (PHP < 7.3)

* Add unit tests and correctly set PHP supported versions

* Drop PHP5.2 from CI workflows because it cannot be build anymore

* Fix CI workflow for PHP7.2 and up

* re-add compose packages cache with specific key

* Exclude unit test files from git export

* prevent double CI workflows in PRs

.gitattributes

@@ -8,7 +8,9 @@
 # exclude from git export
 /tests export-ignore
 /utilities/ export-ignore
-
+/docker-compose.yml export-ignore
+/.github export-ignore
+/run_tests_for_all_php_versions.sh export-ignore
 /.gitattributes export-ignore
 /.gitignore export-ignore
 /.travis.yml export-ignore

.github/workflows/ci.yml

@@ -0,0 +1,73 @@
+# https://help.github.com/en/categories/automating-your-workflow-with-github-actions
+
+on:
+  pull_request:
+  push:
+    branches:
+      - 'support/3.1'
+
+name: CI
+
+jobs:
+  tests:
+    name: Tests
+
+    runs-on: ${{ matrix.os }}
+
+    env:
+      PHP_EXTENSIONS: dom, json, libxml, mbstring, pdo_sqlite, soap, xml, xmlwriter
+      PHP_INI_VALUES: assert.exception=1, zend.assertions=1
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - ubuntu-latest
+
+        php-version:
+          - "5.3"
+          - "5.4"
+          - "5.5"
+          - "5.6"          
+          - "7.1"
+          - "7.2"
+          - "7.3"
+          - "7.4"
+
+        compiler:
+          - default
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Override PHP ini values for JIT compiler
+      if: matrix.compiler == 'jit'
+      run: echo "PHP_INI_VALUES::assert.exception=1, zend.assertions=1, opcache.enable=1, opcache.enable_cli=1, opcache.optimization_level=-1, opcache.jit=1255, opcache.jit_buffer_size=32M" >> $GITHUB_ENV
+
+    - name: Install PHP with extensions
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-version }}
+        coverage: pcov
+        extensions: ${{ env.PHP_EXTENSIONS }}
+        ini-values: ${{ env.PHP_INI_VALUES }}
+
+    - name: Validate composer.json and composer.lock
+      run: composer validate
+
+    - name: Cache Composer packages
+      id: composer-cache
+      uses: actions/cache@v2
+      with:
+        path: vendor
+        key: Smartyv3-${{ runner.os }}-php-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
+        restore-keys: |
+          Smartyv3-${{ runner.os }}-php-${{ matrix.php-version }}-
+
+    - name: Install dependencies
+      if: steps.composer-cache.outputs.cache-hit != 'true'
+      run: composer install --prefer-dist --no-progress --no-suggest
+
+    - name: Run tests with phpunit
+      run: ./phpunit.sh

CHANGELOG.md

@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Fixes
+- Fixed use of `rand()` without a parameter in math function [#794](https://github.com/smarty-php/smarty/issues/794)
+
 ## [3.1.46] - 2022-08-01
 
 ### Fixed

composer.json

@@ -27,7 +27,7 @@
         "forum": "http://www.smarty.net/forums/"
     },
     "require": {
-        "php": ">=5.2"
+        "php": "^5.2 || ^7.0"
     },
     "autoload": {
         "classmap": [

docker-compose.yml

@@ -0,0 +1,51 @@
+version: "2"
+services:
+  base:
+    build:
+      context: .
+      dockerfile: ./utilities/testrunners/php54/Dockerfile
+    volumes:
+      - .:/app
+    working_dir: /app
+    entrypoint: sh ./utilities/testrunners/run-test.sh
+  php54:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php54/Dockerfile
+  php55:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php55/Dockerfile
+  php56:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php56/Dockerfile
+  php70:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php70/Dockerfile
+  php71:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php71/Dockerfile
+  php72:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php72/Dockerfile
+  php73:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php73/Dockerfile
+  php74:
+    extends:
+      service: base
+    build:
+      dockerfile: ./utilities/testrunners/php74/Dockerfile
+

libs/plugins/function.math.php

@@ -70,7 +70,7 @@ function smarty_function_math($params, $template)
     $number = '(?:\d+(?:[,.]\d+)?|pi|π)'; // What is a number
     $functionsOrVars = '((?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*))';
     $operators = '[,+\/*\^%-]'; // Allowed math operators
-    $regexp = '/^(('.$number.'|'.$functionsOrVars.'|('.$functionsOrVars.'\s*\((?1)+\)|\((?1)+\)))(?:'.$operators.'(?1))?)+$/';
+    $regexp = '/^(('.$number.'|'.$functionsOrVars.'|('.$functionsOrVars.'\s*\((?1)*\)|\((?1)*\)))(?:'.$operators.'(?1))?)+$/';
 
     if (!preg_match($regexp, $equation)) {
         trigger_error("math: illegal characters", E_USER_WARNING);

run_tests_for_all_php_versions.sh

@@ -0,0 +1,11 @@
+# Runs tests for all supported PHP versions >= PHP 5.4.
+# Cannot get 5.2 and 5.3 to run in docker anymore
+
+docker-compose run php54 && \
+docker-compose run php55 && \
+docker-compose run php56 && \
+docker-compose run php70 && \
+docker-compose run php71 && \
+docker-compose run php72 && \
+docker-compose run php73 && \
+docker-compose run php74

tests/UnitTests/TemplateSource/ValueTests/Math/MathTest.php

@@ -162,4 +162,12 @@ public function testBracketsIllegal()
 		$this->assertEquals($expected, $this->smarty->fetch($tpl));
 	}
 
+	public function testRand()
+	{
+		$tpl = $this->smarty->createTemplate('eval:{$x = "0"}{math equation="x * rand()" x=$x}');
+		// this assertion may seem silly, but it serves to prove that using rand() without a parameter
+		// will not trigger a security error (see https://github.com/smarty-php/smarty/issues/794)
+		$this->assertEquals("0", $this->smarty->fetch($tpl));
+	}
+
 }

utilities/testrunners/php54/Dockerfile

@@ -0,0 +1,13 @@
+FROM php:5.4-cli
+
+## Upgrade CA certificates
+RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php55/Dockerfile

@@ -0,0 +1,13 @@
+FROM php:5.5-cli
+
+## Upgrade CA certificates
+RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php56/Dockerfile

@@ -0,0 +1,13 @@
+FROM php:5.6-cli
+
+## Upgrade CA certificates
+RUN curl -k https://curl.se/ca/cacert.pem > cacert.crt && cp cacert.crt /usr/local/share/ca-certificates/ && update-ca-certificates
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install --force-yes -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php70/Dockerfile

@@ -0,0 +1,10 @@
+FROM php:7.0-cli
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php71/Dockerfile

@@ -0,0 +1,10 @@
+FROM php:7.1-cli
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php72/Dockerfile

@@ -0,0 +1,10 @@
+FROM php:7.2-cli
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php73/Dockerfile

@@ -0,0 +1,10 @@
+FROM php:7.3-cli
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/php74/Dockerfile

@@ -0,0 +1,10 @@
+FROM php:7.4-cli
+
+## Basic utilities
+RUN apt-get update -yqq && apt-get install -y curl apt-utils git zip unzip
+
+## Composer
+COPY ./utilities/testrunners/shared/install-composer.sh /root/install-composer.sh
+WORKDIR /root
+RUN sh ./install-composer.sh
+RUN mv ./composer.phar /usr/local/bin/composer

utilities/testrunners/run-test.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+composer update && php ./vendor/phpunit/phpunit/phpunit -c phpunit.xml tests

utilities/testrunners/shared/install-composer.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
+php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
+
+if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
+then
+    >&2 echo 'ERROR: Invalid installer checksum'
+    rm composer-setup.php
+    exit 1
+fi
+
+php composer-setup.php --quiet
+RESULT=$?
+rm composer-setup.php
+exit $RESULT