iliaa Thu May 3 23:38:28 2007 UTC Added files: (Branch: PHP_5_2) /php-src/ext/filter/tests PMOPB45.phpt
Modified files: /php-src/ext/filter logical_filters.c /php-src NEWS Log: Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.21&r2=1.1.2.22&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.21 php-src/ext/filter/logical_filters.c:1.1.2.22 --- php-src/ext/filter/logical_filters.c:1.1.2.21 Mon Jan 1 09:36:00 2007 +++ php-src/ext/filter/logical_filters.c Thu May 3 23:38:27 2007 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: logical_filters.c,v 1.1.2.21 2007/01/01 09:36:00 sebastian Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.22 2007/05/03 23:38:27 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" 
@@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.675&r2=1.2027.2.547.2.676&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.675 php-src/NEWS:1.2027.2.547.2.676 --- php-src/NEWS:1.2027.2.547.2.675 Thu May 3 01:16:50 2007 +++ php-src/NEWS Thu May 3 23:38:27 2007 
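Review bot: Nothing next to `regexp[]` records why the pattern now ends in `/D`, so a later re-copy of the expression from the PEAR source cited in the comment above it could silently drop the modifier. Without `D`, `$` also matches just before a final newline, so a newline-terminated address passed validation; I would add above the declaration `/* D = PCRE_DOLLAR_ENDONLY: '$' matches only at the very end of the subject, so a value such as "user@example.com\n" is rejected */`. The added test PMOPB45.phpt shows no content in this mail, so it is worth confirming that it asserts a newline-terminated address is rejected. The log and NEWS entry cite MOPB-24 while the new test file is named PMOPB45.phpt; one of the two identifiers looks wrong and they should agree. The body of php_filter_validate_email continues outside the hunk.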
@@ -1,6 +1,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2007, PHP 5.2.3 +- Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser) + (Ilia) 03 May 2007, PHP 5.2.2 - Improved bundled GD http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/PMOPB45.phpt?view=markup&rev=1.1 Index: php-src/ext/filter/tests/PMOPB45.phpt +++ php-src/ext/filter/tests/PMOPB45.phpt