iliaa Fri, 04 Feb 2011 21:41:15 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=308035
Log: Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number). Bug: http://bugs.php.net/53924 (Open) FILTER_VALIDATE_URL doesn't validate port numbers Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt U php/php-src/branches/PHP_5_3/ext/standard/url.c U php/php-src/trunk/ext/filter/tests/015.phpt U php/php-src/trunk/ext/standard/url.c
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2011-02-04 19:22:43 UTC (rev 308034)
+++ php/php-src/branches/PHP_5_3/NEWS 2011-02-04 21:41:15 UTC (rev 308035)
@@ -47,6 +47,8 @@ null default value). (Gustavo, Stas) - Filter extension: + . Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number). + (Ilia) . Fixed bug #53150 (FILTER_FLAG_NO_RES_RANGE is missing some IP ranges). (Ilia) . Fixed bug #52209 (INPUT_ENV returns NULL for set variables (CLI)). (Ilia)
@@ -109,6 +111,8 @@ - Phar extension: . Fixed bug #53541 (format string bug in ext/phar). (crrodriguez at opensuse dot org, Ilia) + . Fixed bug #53898 (PHAR reports invalid error message, when the directory + does not exist). (Ilia) - PHP-FPM SAPI: . Enforce security in the fastcgi protocol parsing.
Modified: php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt 2011-02-04 19:22:43 UTC (rev 308034)
+++ php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt 2011-02-04 21:41:15 UTC (rev 308035)
@@ -28,6 +28,7 @@
 'news:news.php.net',
 'file://foo/bar',
 "http://\r\n/bar",
+"http://example.com:qq"
 );
 foreach ($values as $value) {
 var_dump(filter_var($value, FILTER_VALIDATE_URL));
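Review bot: The added input `"http://example.com:qq"` covers only a port with no digits at all, so this test would still pass if the parser accepted a port that merely starts with digits or lies outside the valid range. Consider adding `"http://example.com:80qq"`, `"http://example.com:0"` and `"http://example.com:65536"` to `$values`, each with its expected result in the expected-output block, so those boundaries are pinned as well. Both the `$values` array and the expected output continue outside this hunk.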
@@ -70,6 +71,7 @@
 string(14) "file://foo/bar"
 bool(false)
 bool(false)
+bool(false)
 string(10) "http://qwe"
 bool(false)
 bool(false)
Modified: php/php-src/branches/PHP_5_3/ext/standard/url.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/url.c 2011-02-04 19:22:43 UTC (rev 308034)
+++ php/php-src/branches/PHP_5_3/ext/standard/url.c 2011-02-04 21:41:15 UTC (rev 308035)
@@ -180,15 +180,20 @@
 parse_port:
 p = e + 1;
 pp = p;
-
+
 while (pp-p < 6 && isdigit(*pp)) {
 pp++;
 }
-
+
 if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
 memcpy(port_buf, p, (pp-p));
 port_buf[pp-p] = '\0';
 ret->port = atoi(port_buf);
+ if (!ret->port && (pp - p) > 0) {
+ STR_FREE(ret->scheme);
+ efree(ret);
+ return NULL;
+ }
 } else {
 goto just_path;
 }
@@ -267,6 +272,13 @@
 memcpy(port_buf, p, (e-p));
 port_buf[e-p] = '\0';
 ret->port = atoi(port_buf);
+ if (!ret->port && (e - p)) {
+ STR_FREE(ret->scheme);
+ STR_FREE(ret->user);
+ STR_FREE(ret->pass);
+ efree(ret);
+ return NULL;
+ }
 }
 p--;
 }
Modified: php/php-src/trunk/ext/filter/tests/015.phpt
===================================================================
--- php/php-src/trunk/ext/filter/tests/015.phpt 2011-02-04 19:22:43 UTC (rev 308034)
+++ php/php-src/trunk/ext/filter/tests/015.phpt 2011-02-04 21:41:15 UTC (rev 308035)
@@ -28,6 +28,7 @@
 'news:news.php.net',
 'file://foo/bar',
 "http://\r\n/bar",
+"http://example.com:qq"
 );
 foreach ($values as $value) {
 var_dump(filter_var($value, FILTER_VALIDATE_URL));
@@ -70,6 +71,7 @@
 string(14) "file://foo/bar"
 bool(false)
 bool(false)
+bool(false)
 string(10) "http://qwe"
 bool(false)
 bool(false)
Modified: php/php-src/trunk/ext/standard/url.c
===================================================================
--- php/php-src/trunk/ext/standard/url.c 2011-02-04 19:22:43 UTC (rev 308034)
+++ php/php-src/trunk/ext/standard/url.c 2011-02-04 21:41:15 UTC (rev 308035)
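Review bot: In the `parse_port` hunk of branches/PHP_5_3/ext/standard/url.c, the added `if (!ret->port && (pp - p) > 0)` rejects only digit strings that evaluate to zero, so a five-digit value above 65535 such as `99999` still passes the `pp-p < 6` guard and is stored. If `ret->port` is narrower than `int` (its declaration is outside the hunk), the stored port silently differs from the one written in the URL, which matters wherever the parsed result backs an allow-list or a request-forgery check. Convert into a wider local and bound it before assigning: `long port = atoi(port_buf);` followed by `if ((pp - p) > 0 && (port < 1 || port > 65535)) { /* same cleanup */ return NULL; }`. The identical trunk hunk has the same gap, and the enclosing function starts and ends outside the hunk.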
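Review bot: In the second url.c hunk (`@@ -267,6 +272,13 @@`), `atoi(port_buf)` stops at the first non-digit, so the added `if (!ret->port && (e - p))` rejects `:qq` but a port such as `80qq` would still be parsed as 80 and accepted; nothing visible in the hunk restricts the copied substring to digits. A URL validator that lets such a string through can disagree with whatever component later consumes the URL. Parsing with `strtol` and an end pointer, and bounding the value to 1–65535, closes both gaps; the two new locals belong with the function's other declarations, which are outside the hunk. The same applies to the identical trunk hunk.

```c
char *end;   /* new locals: place with the function's other declarations */
long port;

/* … unchanged: memcpy into port_buf and NUL termination … */
port = strtol(port_buf, &end, 10);
/* strtol would accept a sign or a leading blank, so require a leading digit;
 * *end != '\0' rejects trailing text such as "80qq" */
if ((e - p) && (!isdigit((unsigned char)*port_buf) || *end != '\0' ||
		port < 1 || port > 65535)) {
	/* … unchanged: STR_FREE of scheme, user and pass; efree(ret); return NULL … */
}
ret->port = port;
```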
@@ -180,15 +180,20 @@
 parse_port:
 p = e + 1;
 pp = p;
-
+
 while (pp-p < 6 && isdigit(*pp)) {
 pp++;
 }
-
+
 if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
 memcpy(port_buf, p, (pp-p));
 port_buf[pp-p] = '\0';
 ret->port = atoi(port_buf);
+ if (!ret->port && (pp - p) > 0) {
+ STR_FREE(ret->scheme);
+ efree(ret);
+ return NULL;
+ }
 } else {
 goto just_path;
 }
@@ -267,6 +272,13 @@
 memcpy(port_buf, p, (e-p));
 port_buf[e-p] = '\0';
 ret->port = atoi(port_buf);
+ if (!ret->port && (e - p)) {
+ STR_FREE(ret->scheme);
+ STR_FREE(ret->user);
+ STR_FREE(ret->pass);
+ efree(ret);
+ return NULL;
+ }
 }
 p--;
 }
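Review bot: The two new error paths in trunk/ext/standard/url.c spell out their cleanup by hand and free different sets of fields: the `parse_port` path releases only `ret->scheme`, the later one also `ret->user` and `ret->pass`. Presumably no other field is populated yet at `parse_port`, but that depends on code outside the hunk and nothing here records it. Either add a comment such as `/* only scheme has been allocated at this point */` above the first cleanup, or route both paths through one helper, e.g. `php_url_free(ret); return NULL;` if that function's handling of unset fields suits these paths. The PHP_5_3 hunks are written the same way.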