authorIlia Alshanetsky <iliaa@php.net>2011-02-04 21:41:15 +0000
committerIlia Alshanetsky <iliaa@php.net>2011-02-04 21:41:15 +0000
commit218448bfa07b05494efacc1f5983dde91e16c251 (patch)
treee71cc3cc32e56c7f9024759af9e61789f8334e48
parent07fb5ca429427fdcd42bdcef6efc9ee602cd66ee (diff)
Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number).
-rw-r--r--NEWS4
-rw-r--r--ext/filter/tests/015.phpt2
-rw-r--r--ext/standard/url.c16
3 files changed, 20 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 77e7dda8db..0cc6666920 100644
--- a/NEWS
+++ b/NEWS
@@ -47,6 +47,8 @@
null default value). (Gustavo, Stas)
- Filter extension:
+ . Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number).
+ (Ilia)
. Fixed bug #53150 (FILTER_FLAG_NO_RES_RANGE is missing some IP ranges).
(Ilia)
. Fixed bug #52209 (INPUT_ENV returns NULL for set variables (CLI)). (Ilia)
@@ -109,6 +111,8 @@
- Phar extension:
. Fixed bug #53541 (format string bug in ext/phar).
(crrodriguez at opensuse dot org, Ilia)
+ . Fixed bug #53898 (PHAR reports invalid error message, when the directory
+ does not exist). (Ilia)
- PHP-FPM SAPI:
. Enforce security in the fastcgi protocol parsing.
diff --git a/ext/filter/tests/015.phpt b/ext/filter/tests/015.phpt
index a9c4a8cf48..7be849e76c 100644
--- a/ext/filter/tests/015.phpt
+++ b/ext/filter/tests/015.phpt
@@ -28,6 +28,7 @@ array(),
'news:news.php.net',
'file://foo/bar',
"http://\r\n/bar",
+"http://example.com:qq"
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_URL));
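Review bot: The only new case, `"http://example.com:qq"`, has a port with no digits at all, so the test does not cover a port that starts with digits and then contains other characters, or a numeric port above the valid range. Consider adding values such as `"http://example.com:80qq"` and `"http://example.com:65537"`, each with a matching line in the expected output, to pin down how the validator treats them. Judging from the url.c change in this commit, both look like they would still be accepted, since `atoi` stops at the first non-digit and no upper bound is checked; that should be confirmed by running the test.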
@@ -70,6 +71,7 @@ string(17) "news:news.php.net"
string(14) "file://foo/bar"
bool(false)
bool(false)
+bool(false)
string(10) "http://qwe"
bool(false)
bool(false)
diff --git a/ext/standard/url.c b/ext/standard/url.c
index 2e29c9dd4d..00f5694e07 100644
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -180,15 +180,20 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
parse_port:
p = e + 1;
pp = p;
-
+
while (pp-p < 6 && isdigit(*pp)) {
pp++;
}
-
+
if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
memcpy(port_buf, p, (pp-p));
port_buf[pp-p] = '\0';
ret->port = atoi(port_buf);
+ if (!ret->port && (pp - p) > 0) {
+ STR_FREE(ret->scheme);
+ efree(ret);
+ return NULL;
+ }
} else {
goto just_path;
}
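Review bot: The check added after `ret->port = atoi(port_buf);` rejects only a result of zero, so a port above 65535 is still accepted; the digit loop admits up to five digits, i.e. values up to 99999. If `ret->port` is a 16-bit field (its declaration is outside this hunk), such a value would be silently truncated to a different port number instead of being rejected. Consider converting into a wider local first, `long port = strtol(port_buf, NULL, 10);`, testing `if ((!port && (pp - p) > 0) || port > 65535) {` before the existing cleanup, and assigning `ret->port` only afterwards. The same missing upper bound applies to the host-port branch in the second hunk of this file; php_url_parse_ex starts and ends outside both hunks.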
@@ -267,6 +272,13 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
memcpy(port_buf, p, (e-p));
port_buf[e-p] = '\0';
ret->port = atoi(port_buf);
+ if (!ret->port && (e - p)) {
+ STR_FREE(ret->scheme);
+ STR_FREE(ret->user);
+ STR_FREE(ret->pass);
+ efree(ret);
+ return NULL;
+ }
}
p--;
}
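Review bot: The added `if (!ret->port && (e - p))` catches a port with no leading digits, but `atoi` stops at the first non-digit, so a port string such as `80qq` yields 80 and passes this check. Nothing visible in the hunk verifies that every byte between `p` and `e` is a digit. Converting with an end pointer would close that gap: `char *end; long port = strtol(port_buf, &end, 10);` followed by `if (*end != '\0' || (!port && (e - p)) || port > 65535) {` guarding the existing cleanup. The length check that bounds the `memcpy` into `port_buf` is not in the hunk and should be confirmed, as the rest of php_url_parse_ex lies outside it.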