pajoye Tue Dec 5 01:24:18 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter filter.c filter_private.h
/php-src/ext/filter/tests 010.phpt 039.phpt
Log:
- MFH: invalid filter id should not return unsafe values
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/filter.c?r1=1.52.2.31&r2=1.52.2.32&diff_format=u
Index: php-src/ext/filter/filter.c
diff -u php-src/ext/filter/filter.c:1.52.2.31
php-src/ext/filter/filter.c:1.52.2.32
--- php-src/ext/filter/filter.c:1.52.2.31 Mon Dec 4 21:16:01 2006
+++ php-src/ext/filter/filter.c Tue Dec 5 01:24:18 2006
@@ -19,7 +19,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: filter.c,v 1.52.2.31 2006/12/04 21:16:01 pajoye Exp $ */
+/* $Id: filter.c,v 1.52.2.32 2006/12/05 01:24:18 pajoye Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -275,7 +275,7 @@
{
php_info_print_table_start();
php_info_print_table_row( 2, "Input Validation and Filtering",
"enabled" );
- php_info_print_table_row( 2, "Revision", "$Revision: 1.52.2.31 $");
+ php_info_print_table_row( 2, "Revision", "$Revision: 1.52.2.32 $");
php_info_print_table_end();
DISPLAY_INI_ENTRIES();
@@ -645,6 +645,11 @@
zval_dtor(return_value);
RETURN_FALSE;
}
+ if (arg_key_len < 2) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Empty keys are not allowed in the definition array");
+ zval_dtor(return_value);
+ RETURN_FALSE;
+ }
if (zend_hash_find(Z_ARRVAL_P(input), arg_key,
arg_key_len, (void **)&tmp) != SUCCESS) {
add_assoc_null_ex(return_value, arg_key,
arg_key_len);
} else {
@@ -680,6 +685,10 @@
return;
}
+ if (!PHP_FILTER_ID_EXISTS(filter)) {
+ RETURN_FALSE;
+ }
+
input = php_filter_get_storage(fetch_from TSRMLS_CC);
if (!input || !HASH_OF(input) || zend_hash_find(HASH_OF(input), var,
var_len + 1, (void **)&tmp) != SUCCESS) {
@@ -726,6 +735,10 @@
return;
}
+ if (!PHP_FILTER_ID_EXISTS(filter)) {
+ RETURN_FALSE;
+ }
+
*return_value = *data;
zval_copy_ctor(data);
@@ -745,6 +758,11 @@
return;
}
+ if (op && ( (Z_TYPE_PP(op) == IS_LONG &&
!PHP_FILTER_ID_EXISTS(Z_LVAL_PP(op)))
+ || Z_TYPE_PP(op) != IS_ARRAY)) {
+ RETURN_FALSE;
+ }
+
array_input = php_filter_get_storage(fetch_from TSRMLS_CC);
if (!array_input || !HASH_OF(array_input)) {
@@ -780,6 +798,11 @@
return;
}
+ if (op && ( (Z_TYPE_PP(op) == IS_LONG &&
!PHP_FILTER_ID_EXISTS(Z_LVAL_PP(op)))
+ || Z_TYPE_PP(op) != IS_ARRAY)) {
+ RETURN_FALSE;
+ }
+
php_filter_array_handler(array_input, op, return_value TSRMLS_CC);
}
/* }}} */
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/filter_private.h?r1=1.12.2.5&r2=1.12.2.6&diff_format=u
Index: php-src/ext/filter/filter_private.h
diff -u php-src/ext/filter/filter_private.h:1.12.2.5
php-src/ext/filter/filter_private.h:1.12.2.6
--- php-src/ext/filter/filter_private.h:1.12.2.5 Tue Oct 17 15:26:14 2006
+++ php-src/ext/filter/filter_private.h Tue Dec 5 01:24:18 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: filter_private.h,v 1.12.2.5 2006/10/17 15:26:14 iliaa Exp $ */
+/* $Id: filter_private.h,v 1.12.2.6 2006/12/05 01:24:18 pajoye Exp $ */
#ifndef FILTER_PRIVATE_H
#define FILTER_PRIVATE_H
@@ -62,6 +62,7 @@
#define FILTER_VALIDATE_URL 0x0111
#define FILTER_VALIDATE_EMAIL 0x0112
#define FILTER_VALIDATE_IP 0x0113
+#define FILTER_VALIDATE_LAST 0x0113
#define FILTER_VALIDATE_ALL 0x0100
@@ -76,11 +77,17 @@
#define FILTER_SANITIZE_NUMBER_INT 0x0207
#define FILTER_SANITIZE_NUMBER_FLOAT 0x0208
#define FILTER_SANITIZE_MAGIC_QUOTES 0x0209
+#define FILTER_SANITIZE_LAST 0x0209
#define FILTER_SANITIZE_ALL 0x0200
#define FILTER_CALLBACK 0x0400
+#define PHP_FILTER_ID_EXISTS(id) \
+((id >= FILTER_SANITIZE_ALL && id <= FILTER_SANITIZE_LAST) \
+|| (id >= FILTER_VALIDATE_ALL && id <= FILTER_VALIDATE_LAST) \
+|| id == FILTER_CALLBACK)
+
#define PHP_FILTER_TRIM_DEFAULT(p, len, end) { \
while (*p == ' ' || *p == '\t' || *p == '\r' || *p == '\v') { \
p++; \
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/010.phpt?r1=1.4.2.5&r2=1.4.2.6&diff_format=u
Index: php-src/ext/filter/tests/010.phpt
diff -u php-src/ext/filter/tests/010.phpt:1.4.2.5
php-src/ext/filter/tests/010.phpt:1.4.2.6
--- php-src/ext/filter/tests/010.phpt:1.4.2.5 Tue Oct 17 22:05:16 2006
+++ php-src/ext/filter/tests/010.phpt Tue Dec 5 01:24:18 2006
@@ -55,6 +55,6 @@
string(1) "1"
string(1) "1"
string(1) "1"
-string(1) "1"
-string(1) "1"
+bool(false)
+bool(false)
Done
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/039.phpt?r1=1.1.2.3&r2=1.1.2.4&diff_format=u
Index: php-src/ext/filter/tests/039.phpt
diff -u php-src/ext/filter/tests/039.phpt:1.1.2.3
php-src/ext/filter/tests/039.phpt:1.1.2.4
--- php-src/ext/filter/tests/039.phpt:1.1.2.3 Mon Nov 13 19:32:58 2006
+++ php-src/ext/filter/tests/039.phpt Tue Dec 5 01:24:18 2006
@@ -5,6 +5,7 @@
--FILE--
<?php
+echo "-- (1)\n";
var_dump(filter_var_array(NULL));
var_dump(filter_var_array(array()));
var_dump(filter_var_array(array(1,"blah"=>"hoho")));
@@ -12,19 +13,24 @@
var_dump(filter_var_array(array(), 1000000));
var_dump(filter_var_array(array(), ""));
+echo "-- (2)\n";
var_dump(filter_var_array(array(""=>""), -1));
var_dump(filter_var_array(array(""=>""), 1000000));
var_dump(filter_var_array(array(""=>""), ""));
+echo "-- (3)\n";
var_dump(filter_var_array(array("aaa"=>"bbb"), -1));
var_dump(filter_var_array(array("aaa"=>"bbb"), 1000000));
var_dump(filter_var_array(array("aaa"=>"bbb"), ""));
+echo "-- (4)\n";
var_dump(filter_var_array(array(), new stdclass));
var_dump(filter_var_array(array(), array()));
var_dump(filter_var_array(array(), array("var_name"=>1)));
var_dump(filter_var_array(array(), array("var_name"=>-1)));
var_dump(filter_var_array(array("var_name"=>""), array("var_name"=>-1)));
+
+echo "-- (5)\n";
var_dump(filter_var_array(array("var_name"=>""), array("var_name"=>-1,
"asdas"=>"asdasd", "qwe"=>"rty", ""=>"")));
var_dump(filter_var_array(array("asdas"=>"text"), array("var_name"=>-1,
"asdas"=>"asdasd", "qwe"=>"rty", ""=>"")));
@@ -44,6 +50,8 @@
echo "Done\n";
?>
--EXPECTF--
+-- (1)
+
Warning: filter_var_array() expects parameter 1 to be array, null given in %s
on line %d
NULL
array(0) {
@@ -54,30 +62,19 @@
["blah"]=>
string(4) "hoho"
}
-array(0) {
-}
-array(0) {
-}
bool(false)
-array(1) {
- [""]=>
- string(0) ""
-}
-array(1) {
- [""]=>
- string(0) ""
-}
bool(false)
-array(1) {
- ["aaa"]=>
- string(3) "bbb"
-}
-array(1) {
- ["aaa"]=>
- string(3) "bbb"
-}
+bool(false)
+-- (2)
+bool(false)
bool(false)
bool(false)
+-- (3)
+bool(false)
+bool(false)
+bool(false)
+-- (4)
+bool(false)
array(0) {
}
array(1) {
@@ -92,39 +89,20 @@
["var_name"]=>
string(0) ""
}
-array(4) {
- ["var_name"]=>
- string(0) ""
- ["asdas"]=>
- NULL
- ["qwe"]=>
- NULL
- [""]=>
- NULL
-}
-array(4) {
- ["var_name"]=>
- NULL
- ["asdas"]=>
- string(4) "text"
- ["qwe"]=>
- NULL
- [""]=>
- NULL
-}
-array(1) {
- [""]=>
- string(0) ""
-}
+-- (5)
+
+Warning: filter_var_array(): Empty keys are not allowed in the definition
array in %s on line %d
+bool(false)
+
+Warning: filter_var_array(): Empty keys are not allowed in the definition
array in %s on line %d
+bool(false)
+bool(false)
array(1) {
[""]=>
string(0) ""
}
int(-1)
-array(1) {
- [""]=>
- string(0) ""
-}
+bool(false)
array(1) {
[""]=>
string(0) ""
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
