Looks to me like the new 2.016 release has a bug in News.php serving RSS feeds. Took me a while to figure out why our server load was slowly growing out of control -- turns out some RSS feeds were hanging in a PHP infinite loop.
In the function cdata_parse, 2.016 made a change to v2.015, replacing:
    elseif ($smcFunc['substr']($data, $pos, 1) == ']')
    {
        $cdata .= ']]>]<![CDATA[';
        $pos++;
    }

with

    elseif ($smcFunc['substr']($data, $pos, 3) == ']]>')
    {
        $cdata .= ']]]]><![CDATA[>';
        $pos = $pos + 3;
    }

The problem is that the way the function is written, this can cause an infinite loop if it is parsing a post with a ] character in it, because there is no auto-incrementing of the $pos variable and it essentially keeps finding the same ']' and not advancing over it. The $pos variable essentially loops forever without incrementing, causing an infinite loop.
One way to fix it is to add back in the old code from 2.015, another is to add a catch-all at the end of the elseif blocks like so:
    else {
        // ATTN: 12/29/19 alternate fix for bug introduced in 2.0.16, where $pos stays stuck on a ]
        // force advance $pos past this character
        $pos++;
    }

(Another way would be to start the loop with $pos = -1 and check to make sure $pos>$old where it makes similar checks.)
We are well aware of this issue. We are working on getting a patch out to fix this.
Thanks for the detailed explanation and fix! <3 You're awesome!
In News.php
Find:
    $positions = array(
        $smcFunc['strpos']($data, '&', $pos),
        $smcFunc['strpos']($data, ']', $pos),
    );

Replace with:

    $positions = array(
        $smcFunc['strpos']($data, '&', $pos),
        $smcFunc['strpos']($data, ']]>', $pos),
    );

This will be fixed in the next release (2.0.17). You will have to revert this change to get 2.0.17 to apply cleanly.
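
The stall discussed in this thread, as an added example that is not part of any post above and is not SMF's own code: a simplified model of a scan loop whose search string and branch test disagree, with a forward-progress guard that turns the hang into a detectable failure. The function name `escape_cdata`, the `$needle` parameter and the sample post body are assumptions made for illustration.

```php
<?php
// Added example: simplified model of a CDATA-escaping scan loop, not SMF's cdata_parse().
// $needle is the string the loop searches for; the only branch handles ']]>'.
function escape_cdata(string $data, string $needle): ?string
{
    $out = '<![CDATA[';
    $n = strlen($data);
    $pos = 0;
    while ($pos < $n) {
        $start = $pos;
        $hit = strpos($data, $needle, $pos);
        $pos = ($hit === false) ? $n : $hit;
        $out .= substr($data, $start, $pos - $start); // copy text before the hit
        if ($pos >= $n) {
            break;
        }
        if (substr($data, $pos, 3) === ']]>') {
            // Split the terminator so it never appears inside one CDATA section.
            $out .= ']]]]><![CDATA[>';
            $pos += 3;
        }
        // Forward-progress guard: without it, a hit that no branch consumes
        // would be found again at the same offset on every iteration.
        if ($pos <= $start) {
            return null;
        }
    }
    return $out . ']]>';
}

$post = 'array[0] and a ]]> terminator'; // constructed sample post body
// ']' is the search string before the fix above, ']]>' the one after it.
foreach ([']', ']]>'] as $needle) {
    $result = escape_cdata($post, $needle);
    echo str_pad("needle '$needle'", 14),
        $result === null ? 'STALLED (no forward progress)' : $result, "\n";
}
```
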
So if someone has not applied 2.0.16 yet, both 2.0.16 and 2.0.17 should be applied when updating?
As stated in the release announcement, that depends. If you use the incremental patches (https://wiki.simplemachines.org/smf/Patching), then yes. (But 2.0.17 isn't released yet.)
Thanks :)
Confirmed & logged as #100.
Fixed in 2.0.17