cataphract                               Sat, 05 Feb 2011 22:37:00 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=308051

Log:
- Changed port validation introduced in commit #308035 to consider
  negative ports and ports > 65535 as invalid.
  The tests that fail due to #308035 in the standard ext were not
  fixed. If the behavior in those tests turns out to be the
  desirable one, both this commit and #308035 ought to be reverted
  or at least adapted.

Bug: http://bugs.php.net/308035 (error getting bug information)
      
Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt
    U   php/php-src/branches/PHP_5_3/ext/standard/url.c
    U   php/php-src/trunk/ext/filter/tests/015.phpt
    U   php/php-src/trunk/ext/standard/url.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2011-02-05 19:03:34 UTC (rev 308050)
+++ php/php-src/branches/PHP_5_3/NEWS   2011-02-05 22:37:00 UTC (rev 308051)
@@ -48,7 +48,7 @@

 - Filter extension:
   . Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number).
-    (Ilia)
+    (Ilia, Gustavo)
   . Fixed bug #53150 (FILTER_FLAG_NO_RES_RANGE is missing some IP ranges).
     (Ilia)
   . Fixed bug #52209 (INPUT_ENV returns NULL for set variables (CLI)). (Ilia)

Modified: php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt      2011-02-05 
19:03:34 UTC (rev 308050)
+++ php/php-src/branches/PHP_5_3/ext/filter/tests/015.phpt      2011-02-05 
22:37:00 UTC (rev 308051)
@@ -28,7 +28,10 @@
 'news:news.php.net',
 'file://foo/bar',
 "http://\r\n/bar";,
-"http://example.com:qq";
+"http://example.com:qq";,
+"http://example.com:-2";,
+"http://example.com:65536";,
+"http://example.com:65537";,
 );
 foreach ($values as $value) {
        var_dump(filter_var($value, FILTER_VALIDATE_URL));
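Review bot: The new cases pin only rejections just outside the range (`-2`, `65536`, `65537`); nothing in this hunk pins the edges of the accepted range, so an off-by-one in the `port > 0 && port <= 65535` check in url.c would go unnoticed. I would add `"http://example.com:65535"` (expected to validate) and `"http://example.com:0"` (expected `bool(false)` under the new check) to `$values`, with the matching lines in the expected output. The trunk copy of 015.phpt has the same gap.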
@@ -72,6 +75,9 @@
 bool(false)
 bool(false)
 bool(false)
+bool(false)
+bool(false)
+bool(false)
 string(10) "http://qwe";
 bool(false)
 bool(false)
@@ -80,4 +86,4 @@
 string(42) "http://www.example.com/path/at/the/server/";
 bool(false)
 string(40) "http://www.example.com/index.php?a=b&c=d";
-Done
\ No newline at end of file
+Done

Modified: php/php-src/branches/PHP_5_3/ext/standard/url.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/url.c     2011-02-05 19:03:34 UTC 
(rev 308050)
+++ php/php-src/branches/PHP_5_3/ext/standard/url.c     2011-02-05 22:37:00 UTC 
(rev 308051)
@@ -176,7 +176,7 @@
                                }
                        }
                }
-       } else if (e) { /* no scheme, look for port */
+       } else if (e) { /* no scheme; starts with colon: look for port */
                parse_port:
                p = e + 1;
                pp = p;
@@ -185,11 +185,14 @@
                        pp++;
                }

-               if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
-                       memcpy(port_buf, p, (pp-p));
-                       port_buf[pp-p] = '\0';
-                       ret->port = atoi(port_buf);
-                       if (!ret->port && (pp - p) > 0) {
+               if (pp - p > 0 && pp - p < 6 && (*pp == '/' || *pp == '\0')) {
+                       long port;
+                       memcpy(port_buf, p, (pp - p));
+                       port_buf[pp - p] = '\0';
+                       port = strtol(port_buf, NULL, 10);
+                       if (port > 0 && port <= 65535) {
+                               ret->port = (unsigned short) port;
+                       } else {
                                STR_FREE(ret->scheme);
                                efree(ret);
                                return NULL;
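Review bot: The added `pp - p > 0` term in the condition changes how an empty port (a colon followed directly by `/` or the end of the string) is handled, and the commit log does not mention it. Before, that input entered this block and continued with port 0; now it skips the block and takes whatever branch follows the `if`, which is outside the hunk. If that is intended, a comment on the condition such as `/* empty port: not validated here, handled by the branch below */` and a test case for it would make the behaviour explicit. The same applies to the matching hunk in trunk/ext/standard/url.c.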
@@ -269,10 +272,13 @@
                                efree(ret);
                                return NULL;
                        } else if (e - p > 0) {
-                               memcpy(port_buf, p, (e-p));
-                               port_buf[e-p] = '\0';
-                               ret->port = atoi(port_buf);
-                               if (!ret->port && (e - p)) {
+                               long port;
+                               memcpy(port_buf, p, (e - p));
+                               port_buf[e - p] = '\0';
+                               port = strtol(port_buf, NULL, 10);
+                               if (port > 0 && port <= 65535) {
+                                       ret->port = (unsigned short)port;
+                               } else {
                                        STR_FREE(ret->scheme);
                                        STR_FREE(ret->user);
                                        STR_FREE(ret->pass);
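Review bot: `strtol(port_buf, NULL, 10)` discards the end pointer, so this branch accepts any port string that merely starts with a valid number: leading whitespace, a `+` sign, or trailing non-digits after the digits all parse to an in-range value and pass the `port > 0 && port <= 65535` check. Nothing visible in this hunk restricts `port_buf` to digits, so the check should confirm that the whole buffer was consumed, e.g. `char *end; port = strtol(port_buf, &end, 10);` followed by `if (*end == '\0' && isdigit((unsigned char)port_buf[0]) && port > 0 && port <= 65535) {`. The bound on `e - p` that keeps the `memcpy` inside `port_buf` sits above the hunk and is not visible here. The trunk hunk of url.c has the same code.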

Modified: php/php-src/trunk/ext/filter/tests/015.phpt
===================================================================
--- php/php-src/trunk/ext/filter/tests/015.phpt 2011-02-05 19:03:34 UTC (rev 
308050)
+++ php/php-src/trunk/ext/filter/tests/015.phpt 2011-02-05 22:37:00 UTC (rev 
308051)
@@ -28,7 +28,10 @@
 'news:news.php.net',
 'file://foo/bar',
 "http://\r\n/bar";,
-"http://example.com:qq";
+"http://example.com:qq";,
+"http://example.com:-2";,
+"http://example.com:65536";,
+"http://example.com:65537";,
 );
 foreach ($values as $value) {
        var_dump(filter_var($value, FILTER_VALIDATE_URL));
@@ -72,6 +75,9 @@
 bool(false)
 bool(false)
 bool(false)
+bool(false)
+bool(false)
+bool(false)
 string(10) "http://qwe";
 bool(false)
 bool(false)
@@ -80,4 +86,4 @@
 string(42) "http://www.example.com/path/at/the/server/";
 bool(false)
 string(40) "http://www.example.com/index.php?a=b&c=d";
-Done
\ No newline at end of file
+Done

Modified: php/php-src/trunk/ext/standard/url.c
===================================================================
--- php/php-src/trunk/ext/standard/url.c        2011-02-05 19:03:34 UTC (rev 
308050)
+++ php/php-src/trunk/ext/standard/url.c        2011-02-05 22:37:00 UTC (rev 
308051)
@@ -176,7 +176,7 @@
                                }
                        }
                }
-       } else if (e) { /* no scheme, look for port */
+       } else if (e) { /* no scheme; starts with colon: look for port */
                parse_port:
                p = e + 1;
                pp = p;
@@ -185,11 +185,14 @@
                        pp++;
                }

-               if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
-                       memcpy(port_buf, p, (pp-p));
-                       port_buf[pp-p] = '\0';
-                       ret->port = atoi(port_buf);
-                       if (!ret->port && (pp - p) > 0) {
+               if (pp - p > 0 && pp - p < 6 && (*pp == '/' || *pp == '\0')) {
+                       long port;
+                       memcpy(port_buf, p, (pp - p));
+                       port_buf[pp - p] = '\0';
+                       port = strtol(port_buf, NULL, 10);
+                       if (port > 0 && port <= 65535) {
+                               ret->port = (unsigned short) port;
+                       } else {
                                STR_FREE(ret->scheme);
                                efree(ret);
                                return NULL;
@@ -269,10 +272,13 @@
                                efree(ret);
                                return NULL;
                        } else if (e - p > 0) {
-                               memcpy(port_buf, p, (e-p));
-                               port_buf[e-p] = '\0';
-                               ret->port = atoi(port_buf);
-                               if (!ret->port && (e - p)) {
+                               long port;
+                               memcpy(port_buf, p, (e - p));
+                               port_buf[e - p] = '\0';
+                               port = strtol(port_buf, NULL, 10);
+                               if (port > 0 && port <= 65535) {
+                                       ret->port = (unsigned short)port;
+                               } else {
                                        STR_FREE(ret->scheme);
                                        STR_FREE(ret->user);
                                        STR_FREE(ret->pass);
