Fix quadratic complexity of certain queries, thanks to work by

Maximilian Krög <maxi_kroeg@web.de>.

This is phpMyAdmin security issue #359.

Signed-off-by: Isaac Bennetch <bennetch@gmail.com>

Author: MoonE

CHANGELOG.md

@@ -5,6 +5,7 @@
 ### Fixed
 
 - Add "RECURSIVE" on build() for "WITH RECURSIVE" on the WithStatement class (#605)
+- Fix for quadratic complexity in certain queries, which could have caused long execution times. Thanks to Maximilian Krög (GitHub user MoonE) for this security-related fix.
 
 ## [5.10.2] - 2024-12-05
 

src/Lexer.php

@@ -892,6 +892,7 @@ public function parseNumber()
                 ) {
                     // A number can't be directly followed by a letter
                     $state = -$state;
+                    break;
                 } elseif ($this->str[$this->last] < '0' || $this->str[$this->last] > '9') {
                     // Just digits and `.`, `e` and `E` are valid characters.
                     break;
@@ -906,6 +907,7 @@ public function parseNumber()
                 ) {
                     // A number can't be directly followed by a letter
                     $state = -$state;
+                    break;
                 } elseif ($this->str[$this->last] < '0' || $this->str[$this->last] > '9') {
                     // Just digits, `e` and `E` are valid characters.
                     break;
@@ -923,6 +925,7 @@ public function parseNumber()
                 ) {
                     // A number can't be directly followed by a letter
                     $state = -$state;
+                    break;
                 } else {
                     break;
                 }