iliaa Thu, 24 Dec 2009 18:47:15 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=292611
Log:
Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
Changed paths:
U php/php-src/branches/PHP_5_2/NEWS
U php/php-src/branches/PHP_5_2/ext/filter/logical_filters.c
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/ext/filter/logical_filters.c
U php/php-src/trunk/ext/filter/logical_filters.c
Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS 2009-12-24 17:44:16 UTC (rev 292610)
+++ php/php-src/branches/PHP_5_2/NEWS 2009-12-24 18:47:15 UTC (rev 292611)
@@ -1,6 +1,9 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2010, PHP 5.2.13
+- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
+ (Ilia)
+
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
Modified: php/php-src/branches/PHP_5_2/ext/filter/logical_filters.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/filter/logical_filters.c 2009-12-24
17:44:16 UTC (rev 292610)
+++ php/php-src/branches/PHP_5_2/ext/filter/logical_filters.c 2009-12-24
18:47:15 UTC (rev 292611)
@@ -456,12 +456,35 @@
RETURN_VALIDATION_FAILED
}
+ if (url->scheme != NULL && (!strcasecmp(url->scheme, "http") ||
!strcasecmp(url->scheme, "https"))) {
+ char *e, *s;
+
+ if (url->host == NULL) {
+ goto bad_url;
+ }
+
+ e = url->host + strlen(url->host);
+ s = url->host;
+
+ while (s < e) {
+ if (!isalnum((int)*(unsigned char *)s) && *s != '_' &&
*s != '.') {
+ goto bad_url;
+ }
+ s++;
+ }
+
+ if (*(e - 1) == '.') {
+ goto bad_url;
+ }
+ }
+
if (
url->scheme == NULL ||
/* some schemas allow the host to be empty */
(url->host == NULL && (strcmp(url->scheme, "mailto") &&
strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) ||
((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) ||
((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL)
) {
+bad_url:
php_url_free(url);
RETURN_VALIDATION_FAILED
}
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2009-12-24 17:44:16 UTC (rev 292610)
+++ php/php-src/branches/PHP_5_3/NEWS 2009-12-24 18:47:15 UTC (rev 292611)
@@ -1,6 +1,9 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 20??, PHP 5.3.3
+- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
+ (Ilia)
+
- Fixed bug #47409 (extract() problem with array containing word "this").
(Ilia, chrisstocktonaz at gmail dot com)
Modified: php/php-src/branches/PHP_5_3/ext/filter/logical_filters.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/filter/logical_filters.c 2009-12-24
17:44:16 UTC (rev 292610)
+++ php/php-src/branches/PHP_5_3/ext/filter/logical_filters.c 2009-12-24
18:47:15 UTC (rev 292611)
@@ -456,12 +456,35 @@
RETURN_VALIDATION_FAILED
}
+ if (url->scheme != NULL && (!strcasecmp(url->scheme, "http") ||
!strcasecmp(url->scheme, "https"))) {
+ char *e, *s;
+
+ if (url->host == NULL) {
+ goto bad_url;
+ }
+
+ e = url->host + strlen(url->host);
+ s = url->host;
+
+ while (s < e) {
+ if (!isalnum((int)*(unsigned char *)s) && *s != '_' &&
*s != '.') {
+ goto bad_url;
+ }
+ s++;
+ }
+
+ if (*(e - 1) == '.') {
+ goto bad_url;
+ }
+ }
+
if (
url->scheme == NULL ||
/* some schemas allow the host to be empty */
(url->host == NULL && (strcmp(url->scheme, "mailto") &&
strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) ||
((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) ||
((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL)
) {
+bad_url:
php_url_free(url);
RETURN_VALIDATION_FAILED
}
Modified: php/php-src/trunk/ext/filter/logical_filters.c
===================================================================
--- php/php-src/trunk/ext/filter/logical_filters.c 2009-12-24 17:44:16 UTC
(rev 292610)
+++ php/php-src/trunk/ext/filter/logical_filters.c 2009-12-24 18:47:15 UTC
(rev 292611)
@@ -456,12 +456,35 @@
RETURN_VALIDATION_FAILED
}
+ if (url->scheme != NULL && (!strcasecmp(url->scheme, "http") ||
!strcasecmp(url->scheme, "https"))) {
+ char *e, *s;
+
+ if (url->host == NULL) {
+ goto bad_url;
+ }
+
+ e = url->host + strlen(url->host);
+ s = url->host;
+
+ while (s < e) {
+ if (!isalnum((int)*(unsigned char *)s) && *s != '_' &&
*s != '.') {
+ goto bad_url;
+ }
+ s++;
+ }
+
+ if (*(e - 1) == '.') {
+ goto bad_url;
+ }
+ }
+
if (
url->scheme == NULL ||
/* some schemas allow the host to be empty */
(url->host == NULL && (strcmp(url->scheme, "mailto") &&
strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) ||
((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) ||
((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL)
) {
+bad_url:
php_url_free(url);
RETURN_VALIDATION_FAILED
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
