Index: includes/theme.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/theme.inc,v
retrieving revision 1.503
diff -u -r1.503 theme.inc
--- includes/theme.inc	4 Aug 2009 07:04:21 -0000	1.503
+++ includes/theme.inc	13 Aug 2009 02:49:47 -0000
@@ -2027,6 +2027,11 @@
   foreach ($args as $arg) {
     // Remove slashes or null per SA-CORE-2009-003.
     $arg = str_replace(array("/", "\\", "\0"), '', $arg);
+    // The percent acts as a wildcard for numeric arguments since
+    // asterisks are not valid filename characters on many filesystems.
+    if (is_numeric($arg)) {
+      $suggestions[] = $suggestion . '-%';
+    }
     $suggestions[] = $suggestion . '-' . $arg;
     if (!is_numeric($arg)) {
       $suggestion .= '-' . $arg;
Index: modules/simpletest/tests/theme.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/theme.test,v
retrieving revision 1.4
diff -u -r1.4 theme.test
--- modules/simpletest/tests/theme.test	13 Jul 2009 21:51:41 -0000	1.4
+++ modules/simpletest/tests/theme.test	13 Aug 2009 02:49:49 -0000
@@ -27,17 +27,17 @@
     variable_set('site_frontpage', 'nobody-home');
     $args = array('node', '1', 'edit');
     $suggestions = template_page_suggestions($args);
-    $this->assertEqual($suggestions, array('page-node', 'page-node-1', 'page-node-edit'), t('Found expected node edit page template suggestions'));
+    $this->assertEqual($suggestions, array('page-node', 'page-node-%', 'page-node-1', 'page-node-edit'), t('Found expected node edit page template suggestions'));
     // Check attack vectors.
     $args = array('node', '\\1');
     $suggestions = template_page_suggestions($args);
-    $this->assertEqual($suggestions, array('page-node', 'page-node-1'), t('Removed invalid \\ from template suggestions'));
+    $this->assertEqual($suggestions, array('page-node', 'page-node-%', 'page-node-1'), t('Removed invalid \\ from template suggestions'));
     $args = array('node', '1/');
     $suggestions = template_page_suggestions($args);
-    $this->assertEqual($suggestions, array('page-node', 'page-node-1'), t('Removed invalid / from template suggestions'));
+    $this->assertEqual($suggestions, array('page-node', 'page-node-%', 'page-node-1'), t('Removed invalid / from template suggestions'));
     $args = array('node', "1\0");
     $suggestions = template_page_suggestions($args);
-    $this->assertEqual($suggestions, array('page-node', 'page-node-1'), t('Removed invalid \\0 from template suggestions'));
+    $this->assertEqual($suggestions, array('page-node', 'page-node-%', 'page-node-1'), t('Removed invalid \\0 from template suggestions'));
     // Tests for drupal_discover_template()
     $suggestions = array('page');
     $this->assertEqual(drupal_discover_template(array('themes/garland'), $suggestions), 'themes/garland/page.tpl.php', t('Safe template discovered'));