MDL-71240 filter_tex: Sanitize the whole latex document

LaTeX documents have a preamble section and admins can use a \newcommand
statement to define new commands there (or to give an alias to another
command). This commit makes sure no blocked command can escape
sanitization by being used in a new seemingly harmless command that is
defined in the LaTeX preamble.

filter/tex/latex.php

@@ -47,23 +47,23 @@
          * @param int $fontsize the font size
          * @return string the latex document
          */
-        function construct_latex_document( $formula, $fontsize=12 ) {
-            global $CFG;
-
-            $formula = filter_tex_sanitize_formula($formula);
-
+        function construct_latex_document($formula, $fontsize = 12) {
             // $fontsize don't affects to formula's size. $density can change size
-            $doc =  "\\documentclass[{$fontsize}pt]{article}\n";
+            $doc = "\\documentclass[{$fontsize}pt]{article}\n";
             $doc .= get_config('filter_tex', 'latexpreamble');
             $doc .= "\\pagestyle{empty}\n";
             $doc .= "\\begin{document}\n";
-//dlnsk            $doc .= "$ {$formula} $\n";
-            if (preg_match("/^[[:space:]]*\\\\begin\\{(gather|align|alignat|multline).?\\}/i",$formula)) {
+            if (preg_match("/^[[:space:]]*\\\\begin\\{(gather|align|alignat|multline).?\\}/i", $formula)) {
                $doc .= "$formula\n";
             } else {
                $doc .= "$ {$formula} $\n";
             }
             $doc .= "\\end{document}\n";
+
+            // Sanitize the whole document (rather than just the formula) to make sure no one can bypass sanitization
+            // by using \newcommand in preamble to give an alias to a blocked command.
+            $doc = filter_tex_sanitize_formula($doc);
+
             return $doc;
         }