From db3f3614e0491d91d4f0cd03f8056a157209dbf4 Mon Sep 17 00:00:00 2001 From: Oliver Klee Date: Wed, 17 Sep 2025 10:35:12 +0200 Subject: [PATCH 1/2] [BUGFIX] Use safe preg functions in `CSSString` Part of #1168 --- CHANGELOG.md | 2 +- src/Value/CSSString.php | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 85b7392cf..63c96ca29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,7 +18,7 @@ Please also have a look at our ### Fixed -- Use typesafe versions of PHP functions (#1379, #1380) +- Use typesafe versions of PHP functions (#1379, #1380, #1381) ### Documentation diff --git a/src/Value/CSSString.php b/src/Value/CSSString.php index 8c4cf6565..569311d77 100644 --- a/src/Value/CSSString.php +++ b/src/Value/CSSString.php @@ -10,6 +10,8 @@ use Sabberworm\CSS\Parsing\UnexpectedEOFException; use Sabberworm\CSS\Parsing\UnexpectedTokenException; +use function Safe\preg_match; + /** * This class is a wrapper for quoted strings to distinguish them from keywords. * @@ -54,7 +56,7 @@ public static function parse(ParserState $parserState): CSSString $content = null; if ($quote === null) { // Unquoted strings end in whitespace or with braces, brackets, parentheses - while (\preg_match('/[\\s{}()<>\\[\\]]/isu', $parserState->peek()) !== 1) { + while (preg_match('/[\\s{}()<>\\[\\]]/isu', $parserState->peek()) === 0) { $result .= $parserState->parseCharacter(false); } } else { From 358555484ec016492a3ef0e59c3a64517c4b86fe Mon Sep 17 00:00:00 2001 From: Oliver Klee Date: Fri, 19 Sep 2025 09:00:33 +0200 Subject: [PATCH 2/2] Update CHANGELOG.md Co-authored-by: JakeQZ --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 63c96ca29..c3d189170 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,7 +18,7 @@ Please also have a look at our ### Fixed -- Use typesafe versions of PHP functions (#1379, #1380, #1381) +- Use typesafe versions of PHP functions (#1379, #1380, #1382) ### Documentation