diff options
| author | George Peter Banyard <girgias@php.net> | 2021-01-04 15:24:53 +0100 |
|---|---|---|
| committer | George Peter Banyard <girgias@php.net> | 2021-01-04 18:07:47 +0100 |
| commit | 764b7bf1088af940f9de7aca13da8de56a63aa3f (patch) | |
| tree | d66532950a696d6ff0b6809b0c461688571cc9ed /ext/filter/logical_filters.c | |
| parent | 9f96b2bdc8f9109c53ac6121fb3adca517afd133 (diff) | |
| download | php-git-764b7bf1088af940f9de7aca13da8de56a63aa3f.tar.gz | |
Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()
Closes GH-6573
Diffstat (limited to 'ext/filter/logical_filters.c')
| -rw-r--r-- | ext/filter/logical_filters.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/filter/logical_filters.c b/ext/filter/logical_filters.c index a9fcc01d01..392156b539 100644 --- a/ext/filter/logical_filters.c +++ b/ext/filter/logical_filters.c @@ -233,6 +233,9 @@ void php_filter_int(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ p++; len--; if (allow_hex && (*p == 'x' || *p == 'X')) { p++; len--; + if (len == 0) { + RETURN_VALIDATION_FAILED + } if (php_filter_parse_hex(p, len, &ctx_value) < 0) { error = 1; } |