--- filter/tex/filter.php.orig 2009/02/17 05:24:35 1.18.4.4
+++ filter/tex/filter.php 2009/03/26 19:06:29 1.18.4.5
@@ -133,6 +133,16 @@
 $text = str_replace($matches[0][$i],$replacement,$text);
 }
+ // TeX blacklist. MDL-18552
+ $tex_blacklist = array(
+ 'include','def','command','loop','repeat','open','toks','output',
+ 'input','catcode','name','^^',
+ '\every','\errhelp','\errorstopmode','\scrollmode','\nonstopmode',
+ '\batchmode','\read','\write','csname','\newhelp','\uppercase',
+ '\lowercase','\relax','\aftergroup',
+ '\afterassignment','\expandafter','\noexpand','\special'
+ );
+
 // TeX expression
 // or TeX expression
 // or $$ TeX expression $$
@@ -155,6 +165,19 @@
 $align = "text-top";
 $texexp = preg_replace('/^align=top /','',$texexp);
 }
+ /// Check $texexp against blacklist (whitelisting could be more complete but also harder to maintain). MDL-18552
+ $invalidcommands = array();
+ foreach($tex_blacklist as $command) {
+ if (stristr($texexp, $command)) { /// Found invalid command. Annotate.
+ $invalidcommands[] = $command;
+ }
+ }
+ if (!empty($invalidcommands)) { /// Invalid commands found. Output error and continue with next TeX element
+ $invalidstr = get_string('invalidtexcommand', 'error', implode(', ', $invalidcommands));
+ $text = str_replace( $matches[0][$i], $invalidstr, $text);
+ continue;
+ }
+ /// Everything is ok, let's process the expression
 $md5 = md5($texexp);
 if (! $texcache = get_record("cache_filters","filter","tex", "md5key", $md5)) {
 $texcache->filter = 'tex';
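Review bot: The bare entries in `$tex_blacklist` (`'def'`, `'open'`, `'name'`, `'loop'`, `'output'`, `'command'`) are matched as case-insensitive substrings by the check in the second hunk, so harmless input such as `\operatorname`, `\undefined` or `\newcommand` is rejected with the invalid-command error, while the backslashed entries (`'\every'`, `'\read'`, …) are anchored only by the leading backslash. The mix reads as accidental rather than deliberate; either document why the unanchored forms are wanted (e.g. a comment `// bare words deliberately catch \csname-built variants` if that is the intent) or give every entry a leading backslash and keep only `'^^'` and `'csname'` as the bare exceptions. The single-quoted `'\every'` style is fine as written, since PHP does not treat `\e` as an escape inside single quotes. The block that encloses this list starts outside the hunk, so whether it is rebuilt on every filter call cannot be seen here.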
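Review bot: `stristr($texexp, $command)` in the new `foreach` is a substring test, so this denylist both produces false positives on legitimate macros and, as the comment itself concedes, cannot be a complete boundary; it should be treated as defence in depth, with the TeX binary this filter feeds still run with shell escape disabled (`-no-shell-escape`) and `openin_any`/`openout_any` restricted to paranoid in `texmf.cnf`, since that is where `\input` and `\write` actually take effect. The diff does not show the `invalidtexcommand` string being added to the `error` language file; if it is missing, `get_string()` will emit a placeholder rather than the intended message, so confirm the lang change is in the same commit. The `continue` relies on the enclosing loop over `$matches`, whose start and end are outside the hunk. A short comment above the loop such as `// Substring match on purpose: also catches \csname/\lowercase-built names; see MDL-18552` would make the over-broad matching an explicit design choice rather than something the next maintainer "fixes".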