ID: 47752 Comment by: php at lvp-media dot com Reported By: for-bugs at hnw dot jp Status: Open Bug Type: Filter related Operating System: * PHP Version: 5.2.9 New Comment:
False, this only allows +0 and -0 by checking the lenght of the string, it verifies that the null is the only character in it. Previous Comments: ------------------------------------------------------------------------ [2009-03-24 11:49:06] [email protected] Right, so this patch is not correct as it would allow octal numbers. ------------------------------------------------------------------------ [2009-03-24 11:46:57] php at lvp-media dot com Probably the easiest fix for this would be to change line 88 of logical_filters.c to allow the character "0" as well, seeing values like -0012 and 0012 get returned as false now as well. Con of this is quite obvious as well however, as numbers prefixed by 0 often get interpreted as octal numbers. A better fix would be to add a check for it; --- logical_filters.bak 2009-03-24 12:43:23.000000000 +0100 +++ logical_filters.c 2009-03-24 12:45:09.000000000 +0100 @@ -84,6 +84,12 @@ break; } + /* allow +0 and -0 */ + if ((str + 1) == end && *str == '0') { + *ret = 0; + return 1; + } + /* must start with 1..9*/ if (str < end && *str >= '1' && *str <= '9') { ctx_value = ((*(str++)) - '0'); ------------------------------------------------------------------------ [2009-03-23 05:40:58] for-bugs at hnw dot jp Description: ------------ FILTER_VALIDATE_INT doesn't allow "+0" and "-0", while "0", "+1", and "-1" is valid. Reproduce code: --------------- <?php var_dump(intval("+0")); var_dump(filter_var("+0", FILTER_VALIDATE_INT)); var_dump(intval("-0")); var_dump(filter_var("-0", FILTER_VALIDATE_INT)); Expected result: ---------------- int(0) int(0) int(0) int(0) Actual result: -------------- int(0) bool(false) int(0) bool(false) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=47752&edit=1
