From 7112cb150ba8d2de4551c6dd5c82c60120d39948 Mon Sep 17 00:00:00 2001
From: Georg Ringer <georg.ringer@gmail.com>
Date: Wed, 26 Oct 2022 10:40:42 +0200
Subject: [PATCH] [BUGFIX] Harden LocalizationUtility with empty arguments

To avoid exceptions if arguments are given but
empty, an additional check is added in extbase
LocalizationUtility, plus the default in
f:translate is changed back to the same 'null'
value as in v11.

Resolves: #98924
Related: #96473
Releases: main, 11.5
Change-Id: Idd08f7b948eb504999a80a215a7ded64f3c648a0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/76269
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
---
 .../Classes/Utility/LocalizationUtility.php    |  2 +-
 .../Unit/Utility/LocalizationUtilityTest.php   | 18 ++++++++++++++++++
 .../ViewHelpers/TranslateViewHelper.php        |  2 +-
 .../ViewHelpers/TranslateViewHelperTest.php    | 16 ++++++++++++++++
 4 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/typo3/sysext/extbase/Classes/Utility/LocalizationUtility.php b/typo3/sysext/extbase/Classes/Utility/LocalizationUtility.php
index 1b46b6327622..4a81dcda0362 100644
--- a/typo3/sysext/extbase/Classes/Utility/LocalizationUtility.php
+++ b/typo3/sysext/extbase/Classes/Utility/LocalizationUtility.php
@@ -125,7 +125,7 @@ class LocalizationUtility
             $value = self::$LOCAL_LANG[$languageFilePath]['default'][$key][0]['target'];
         }
 
-        if (is_array($arguments) && $value !== null) {
+        if (is_array($arguments) && $arguments !== [] && $value !== null) {
             // This unrolls arguments from $arguments - instead of calling vsprintf which receives arguments as an array.
             // The reason is that only sprintf() will return an error message if the number of arguments does not match
             // the number of placeholders in the format string. Whereas, vsprintf would silently return nothing.
diff --git a/typo3/sysext/extbase/Tests/Unit/Utility/LocalizationUtilityTest.php b/typo3/sysext/extbase/Tests/Unit/Utility/LocalizationUtilityTest.php
index 3d6ac6e5bfe5..1b93cc3d1417 100644
--- a/typo3/sysext/extbase/Tests/Unit/Utility/LocalizationUtilityTest.php
+++ b/typo3/sysext/extbase/Tests/Unit/Utility/LocalizationUtilityTest.php
@@ -94,6 +94,12 @@ class LocalizationUtilityTest extends UnitTestCase
                             'target' => 'English label with number %d',
                         ],
                     ],
+                    'keyWithPlaceholderAndNoArguments' => [
+                        [
+                            'source' => '%d/%m/%Y',
+                            'target' => '%d/%m/%Y',
+                        ],
+                    ],
                 ],
                 'dk' => [
                     'key1' => [
@@ -132,6 +138,12 @@ class LocalizationUtilityTest extends UnitTestCase
                             'source' => 'English label with number %d',
                         ],
                     ],
+                    'keyWithPlaceholderAndNoArguments' => [
+                        [
+                            'source' => '%d/%m/%Y',
+                            'target' => '%d-%m-%Y',
+                        ],
+                    ],
                 ],
                 // fallback language for labels which are not translated in dk
                 'dk_alt' => [
@@ -280,6 +292,12 @@ class LocalizationUtilityTest extends UnitTestCase
             'replace placeholder with argument' =>
             ['keyWithPlaceholder', 'default', 'English label with number 100', [], [100]],
 
+            'placeholder and empty arguments in default' =>
+            ['keyWithPlaceholderAndNoArguments', 'default', '%d/%m/%Y', [], []],
+
+            'placeholder and empty arguments in translation' =>
+            ['keyWithPlaceholderAndNoArguments', 'dk', '%d-%m-%Y', [], []],
+
             'get translated key from primary language' =>
             ['key1', 'dk', 'Dansk label for key1', ['dk_alt']],
 
diff --git a/typo3/sysext/fluid/Classes/ViewHelpers/TranslateViewHelper.php b/typo3/sysext/fluid/Classes/ViewHelpers/TranslateViewHelper.php
index 92d38d6cad5f..a1dc258b7a0d 100644
--- a/typo3/sysext/fluid/Classes/ViewHelpers/TranslateViewHelper.php
+++ b/typo3/sysext/fluid/Classes/ViewHelpers/TranslateViewHelper.php
@@ -120,7 +120,7 @@ final class TranslateViewHelper extends AbstractViewHelper
         $this->registerArgument('key', 'string', 'Translation Key');
         $this->registerArgument('id', 'string', 'Translation ID. Same as key.');
         $this->registerArgument('default', 'string', 'If the given locallang key could not be found, this value is used. If this argument is not set, child nodes will be used to render the default');
-        $this->registerArgument('arguments', 'array', 'Arguments to be replaced in the resulting string', false, []);
+        $this->registerArgument('arguments', 'array', 'Arguments to be replaced in the resulting string');
         $this->registerArgument('extensionName', 'string', 'UpperCamelCased extension key (for example BlogExample)');
         $this->registerArgument('languageKey', 'string', 'Language key ("dk" for example) or "default" to use. If empty, use current language. Ignored in non-extbase context.');
         $this->registerArgument('alternativeLanguageKeys', 'array', 'Alternative language keys if no translation does exist. Ignored in non-extbase context.');
diff --git a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/TranslateViewHelperTest.php b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/TranslateViewHelperTest.php
index ef22d0eb64c7..968f7e6f4e3c 100644
--- a/typo3/sysext/fluid/Tests/Functional/ViewHelpers/TranslateViewHelperTest.php
+++ b/typo3/sysext/fluid/Tests/Functional/ViewHelpers/TranslateViewHelperTest.php
@@ -98,6 +98,14 @@ class TranslateViewHelperTest extends FunctionalTestCase
                 '<f:translate key="LLL:EXT:indexed_search/Resources/Private/Language/locallang.xlf:form.legend" />',
                 'Search form',
             ],
+            'full LLL syntax for existing label with arguments without given arguments' => [
+                '<f:translate key="LLL:EXT:backend/Resources/Private/Language/locallang.xlf:shortcut.title" />',
+                '%s%s on page &quot;%s&quot; [%d]',
+            ],
+            'full LLL syntax for existing label with arguments with given arguments' => [
+                '<f:translate key="LLL:EXT:backend/Resources/Private/Language/locallang.xlf:shortcut.title" arguments="{0: \"a\", 1: \"b\", 2: \"c\", 3: 13}"/>',
+                'ab on page &quot;c&quot; [13]',
+            ],
             'empty string on invalid extension' => [
                 '<f:translate key="LLL:EXT:i_am_invalid/Resources/Private/Language/locallang.xlf:dummy" />',
                 '',
@@ -142,6 +150,14 @@ class TranslateViewHelperTest extends FunctionalTestCase
                 '<f:translate key="login.header" />',
                 'Login',
             ],
+            'key given with existing label and arguments without given arguments' => [
+                '<f:translate key="shortcut.title" />',
+                '%s%s on page &quot;%s&quot; [%d]',
+            ],
+            'key given with existing label and arguments with given arguments' => [
+                '<f:translate key="shortcut.title" arguments="{0: \"a\", 1: \"b\", 2: \"c\", 3: 13}" />',
+                'ab on page &quot;c&quot; [13]',
+            ],
             'id and extensionName given' => [
                 '<f:translate key="validator.string.notvalid" extensionName="extbase" />',
                 'A valid string is expected.',
-- 
GitLab