Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-17614

Sphinx: Incomplete parentheses in search terms lead to an error

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • 3.3.15
    • Search
    • PHP 8.2.20, Apache 2.4.41, Sphinx 2.2.11, phpBB 3.3.15

      Hello,

      Errors are logged when someone enters a single round bracket `(` or `)` in the search field. The search fails.  

      Closed brackets "(either, or)" are fine because they offer a feature.

       

      Example:

      https://www.myphpbbdomain.com/search.php?keywords=test+%29

      Result: 

      Search failed: index index_phpbb_xxxxxxxx_delta,index_phpbb_xxxxxxxx_main: syntax error, unexpected ')' near ')'

      Entering the parentheses in the Sphinx config under ignore_chars does not help because this only refers to indexing. 

      See also:

      https://www.phpbb.com/community/viewtopic.php?t=2656225 

      Since the errors were logged with the following queries, I assume that these were attempts at an SQL injection. Example: 

      Sphinx error
      "index index_phpbb_xxxxxxxx_delta,index_phpbb_xxxxxxxx_main: syntax error, unexpected ')' near ') UNION ALL SELECT NULL, NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -'
      

      I suggest that incomplete brackets should be filtered out in

      \phpbb\search\fulltext_sphinx::sphinx_clean_search_string
      

       Greets: Matengor

            Unassigned Unassigned
            Matengor Matengor
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: