From 579ffa5c96e1d292c060b3dd62811ff01ad8c24e Mon Sep 17 00:00:00 2001
From: Justin Hileman
Date: Fri, 21 Jan 2022 01:08:36 -0500
Subject: [PATCH] Fix CVE-2022-0323 (improper neutralization of section names)
- Fixes possible RCE when rendering untrusted user templates.
- Remove unnecessary comments in generated source.
---
src/Mustache/Compiler.php | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/Mustache/Compiler.php b/src/Mustache/Compiler.php
index 2fa1a736..93a295ae 100644
--- a/src/Mustache/Compiler.php
+++ b/src/Mustache/Compiler.php
@@ -320,7 +320,6 @@ private function block($nodes)
 }
 
 const SECTION_CALL = '
- // %s section
 $value = $context->%s(%s);%s
 $buffer .= $this->section%s($context, $indent, $value);
 ';
@@ -391,11 +390,10 @@ private function section($nodes, $id, $filters, $start, $end, $otag, $ctag, $lev
 $id = var_export($id, true);
 $filters = $this->getFilters($filters, $level);
 
- return sprintf($this->prepare(self::SECTION_CALL, $level), $id, $method, $id, $filters, $key);
+ return sprintf($this->prepare(self::SECTION_CALL, $level), $method, $id, $filters, $key);
 }
 
 const INVERTED_SECTION = '
- // %s inverted section
 $value = $context->%s(%s);%s
 if (empty($value)) {
 %s
@@ -418,7 +416,7 @@ private function invertedSection($nodes, $id, $filters, $level)
 $id = var_export($id, true);
 $filters = $this->getFilters($filters, $level);
 
- return sprintf($this->prepare(self::INVERTED_SECTION, $level), $id, $method, $id, $filters, $this->walk($nodes, $level));
+ return sprintf($this->prepare(self::INVERTED_SECTION, $level), $method, $id, $filters, $this->walk($nodes, $level));
 }
 
 const PARTIAL_INDENT = ', $indent . %s';
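Review bot: Nothing in the surviving `SECTION_CALL` template records why its `%s` placeholders may only appear inside the `$context->%s(%s)` call, so the fix for CVE-2022-0323 can be quietly undone by anyone who later adds a descriptive comment carrying the section name back; the same applies to `INVERTED_SECTION` in the second hunk. The `var_export()` quoting applied in `section()` and `invertedSection()` only neutralizes the name in expression position — inside a `//` comment a line break in the value still terminates the comment, which is presumably how the old interpolation became executable source. I would add above `const SECTION_CALL` (and likewise above `const INVERTED_SECTION`): `// Template-derived values (the section id) may only be substituted as a var_export()-quoted argument; never place them in a comment or other bare position — this string becomes executed PHP source, so that is code injection (CVE-2022-0323).` A regression test that compiles a template whose section name contains a line break and asserts the name appears only inside the quoted argument of the generated call would keep this from regressing silently. Both `section()` and `invertedSection()` begin outside their hunks.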