[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Sun Mar 1 17:36:09 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-srcNEWS
/php-src/ext/filter logical_filters.c
Log:
MFB: Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6
addresses in the filter extension)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1431&r2=1.2027.2.547.2.1432&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1431 php-src/NEWS:1.2027.2.547.2.1432
--- php-src/NEWS:1.2027.2.547.2.1431Sun Mar 1 17:35:25 2009
+++ php-src/NEWSSun Mar 1 17:36:09 2009
@@ -3,6 +3,9 @@
?? ??? 2009, PHP 5.2.10
- Fixed memory corruptions while reading properties of zip files. (Ilia)
+- Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6
+ addresses in the filter extension). (Ilia)
+
26 Feb 2009, PHP 5.2.9
- Changed __call() to be invoked on private/protected method access, similar to
properties and __get(). (Andrei)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.28&r2=1.1.2.29&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.28
php-src/ext/filter/logical_filters.c:1.1.2.29
--- php-src/ext/filter/logical_filters.c:1.1.2.28 Mon Feb 2 23:51:58 2009
+++ php-src/ext/filter/logical_filters.cSun Mar 1 17:36:09 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.28 2009/02/02 23:51:58 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.29 2009/03/01 17:36:09 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -655,6 +655,12 @@
if (res < 1) {
RETURN_VALIDATION_FAILED
}
+ /* Check flags */
+ if (flags & FILTER_FLAG_NO_PRIV_RANGE) {
+ if (Z_STRLEN_P(value) >=2 &&
(!strncasecmp("FC", Z_STRVAL_P(value), 2) || !strncasecmp("FD",
Z_STRVAL_P(value), 2))) {
+ RETURN_VALIDATION_FAILED
+ }
+ }
}
break;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Sun Mar 8 18:22:26 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
MFB: Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.29&r2=1.1.2.30&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.29
php-src/ext/filter/logical_filters.c:1.1.2.30
--- php-src/ext/filter/logical_filters.c:1.1.2.29 Sun Mar 1 17:36:09 2009
+++ php-src/ext/filter/logical_filters.cSun Mar 8 18:22:26 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.29 2009/03/01 17:36:09 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.30 2009/03/08 18:22:26 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -469,7 +469,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1433&r2=1.2027.2.547.2.1434&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1433 php-src/NEWS:1.2027.2.547.2.1434
--- php-src/NEWS:1.2027.2.547.2.1433Tue Mar 3 11:50:32 2009
+++ php-src/NEWSSun Mar 8 18:22:26 2009
@@ -3,10 +3,11 @@
?? ??? 2009, PHP 5.2.10
- Fixed memory corruptions while reading properties of zip files. (Ilia)
-- Fixed bug #47546 (Default value for limit parameter in explode is 0,
- not -1). (Kalle)
+- Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware). (Ilia)
+- Fixed bug #47546 (Default value for limit parameter in explode is 0, not -1).
+ (Kalle)
- Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6
- addresses in the filter extension). (Ilia)
+ addresses in the filter extension). (Ilia)
26 Feb 2009, PHP 5.2.9
- Changed __call() to be invoked on private/protected method access, similar to
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Wed Mar 25 18:53:05 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
MFB: Fixed bug #47772 (FILTER_VALIDATE_EMAIL allows f...@bar. addresses)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.30&r2=1.1.2.31&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.30
php-src/ext/filter/logical_filters.c:1.1.2.31
--- php-src/ext/filter/logical_filters.c:1.1.2.30 Sun Mar 8 18:22:26 2009
+++ php-src/ext/filter/logical_filters.cWed Mar 25 18:53:04 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.30 2009/03/08 18:22:26 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.31 2009/03/25 18:53:04 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -469,7 +469,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z\\-]))?)+[A-Za-z\\-]*))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1448&r2=1.2027.2.547.2.1449&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1448 php-src/NEWS:1.2027.2.547.2.1449
--- php-src/NEWS:1.2027.2.547.2.1448Fri Mar 20 22:14:45 2009
+++ php-src/NEWSWed Mar 25 18:53:04 2009
@@ -6,6 +6,7 @@
- Fixed memory corruptions while reading properties of zip files. (Ilia)
+- Fixed bug #47772 (FILTER_VALIDATE_EMAIL allows f...@bar. addresses). (Ilia)
- Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension)
(crrodriguez at opensuse dot org, Ilia)
- Fixed bug #47704 (PHP crashes on some "bad" operations with string offsets).
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
derick Wed Dec 20 14:39:02 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-srcNEWS
/php-src/ext/filter logical_filters.c
Log:
- Fixed the validate email filter so that the letter "v" can also be used in
the user part of the email address. (Derick)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.445&r2=1.2027.2.547.2.446&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.445 php-src/NEWS:1.2027.2.547.2.446
--- php-src/NEWS:1.2027.2.547.2.445 Wed Dec 20 10:49:32 2006
+++ php-src/NEWSWed Dec 20 14:39:01 2006
@@ -10,7 +10,9 @@
. canary protection (debug build only)
. random generation of cookies and canaries
- Fixed incorrect function names on FreeBSD where inet_pton() was named
- __inet_pton() and inet_ntop() was named __inet_ntop() (Hannes)
+ __inet_pton() and inet_ntop() was named __inet_ntop(). (Hannes)
+- Fixed the validate email filter so that the letter "v" can also be used in
+ the user part of the email address. (Derick)
- Fixed bug #39869 (safe_read does not initialize errno).
(michiel at boland dot org, Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.14&r2=1.1.2.15&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.14
php-src/ext/filter/logical_filters.c:1.1.2.15
--- php-src/ext/filter/logical_filters.c:1.1.2.14 Mon Dec 18 14:56:40 2006
+++ php-src/ext/filter/logical_filters.cWed Dec 20 14:39:01 2006
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.14 2006/12/18 14:56:40 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -501,7 +501,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\v\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Mon Oct 20 23:23:45 2008 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
MFB:Fixed bug #46343 (IPv6 address filter accepts invalid address)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.24&r2=1.1.2.25&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.24
php-src/ext/filter/logical_filters.c:1.1.2.25
--- php-src/ext/filter/logical_filters.c:1.1.2.24 Tue Mar 18 23:32:42 2008
+++ php-src/ext/filter/logical_filters.cMon Oct 20 23:23:45 2008
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.24 2008/03/18 23:32:42 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.25 2008/10/20 23:23:45 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -529,6 +529,7 @@
char *ipv4;
char *end;
int ip4elm[4];
+ char *s = str;
if (!memchr(str, ':', str_len)) {
return 0;
@@ -568,6 +569,8 @@
return 1;
}
compressed = 1;
+ } else if ((str - 1) == s) {
+ return 0;
}
}
n = 0;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1267&r2=1.2027.2.547.2.1268&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1267 php-src/NEWS:1.2027.2.547.2.1268
--- php-src/NEWS:1.2027.2.547.2.1267Mon Oct 20 19:30:56 2008
+++ php-src/NEWSMon Oct 20 23:23:45 2008
@@ -1,6 +1,7 @@
PHPNEWS
|||
?? Oct 2008, PHP 5.2.7RC2
+- Fixed bug #46343 (IPv6 address filter accepts invalid address). (Ilia)
- Fixed bug #46341 (Added missing validation checks into define() for class
constants). (Ilia)
- Fixed bug #46335 (DOMText::splitText doesn't handle multibyte characters).
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
Test?
On 12/20/06, Derick Rethans <[EMAIL PROTECTED]> wrote:
derick Wed Dec 20 14:39:02 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-srcNEWS
/php-src/ext/filter logical_filters.c
Log:
- Fixed the validate email filter so that the letter "v" can also be used in
the user part of the email address. (Derick)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.445&r2=1.2027.2.547.2.446&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.445 php-src/NEWS:1.2027.2.547.2.446
--- php-src/NEWS:1.2027.2.547.2.445 Wed Dec 20 10:49:32 2006
+++ php-src/NEWSWed Dec 20 14:39:01 2006
@@ -10,7 +10,9 @@
. canary protection (debug build only)
. random generation of cookies and canaries
- Fixed incorrect function names on FreeBSD where inet_pton() was named
- __inet_pton() and inet_ntop() was named __inet_ntop() (Hannes)
+ __inet_pton() and inet_ntop() was named __inet_ntop(). (Hannes)
+- Fixed the validate email filter so that the letter "v" can also be used in
+ the user part of the email address. (Derick)
- Fixed bug #39869 (safe_read does not initialize errno).
(michiel at boland dot org, Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.14&r2=1.1.2.15&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.14
php-src/ext/filter/logical_filters.c:1.1.2.15
--- php-src/ext/filter/logical_filters.c:1.1.2.14 Mon Dec 18 14:56:40 2006
+++ php-src/ext/filter/logical_filters.cWed Dec 20 14:39:01 2006
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.14 2006/12/18 14:56:40 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -501,7 +501,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\v\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 016.phpt
iliaa Mon Feb 2 23:51:58 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-src/ext/filter/tests 016.phpt
/php-srcNEWS
Log:
MFB: Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email
addresses as invalid)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.27&r2=1.1.2.28&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.27
php-src/ext/filter/logical_filters.c:1.1.2.28
--- php-src/ext/filter/logical_filters.c:1.1.2.27 Wed Dec 31 15:39:48 2008
+++ php-src/ext/filter/logical_filters.cMon Feb 2 23:51:58 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.27 2008/12/31 15:39:48 felipe Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.28 2009/02/02 23:51:58 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -469,7 +469,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.)+[A-Za-z\\-]+))$/D";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/016.phpt?r1=1.4.2.4&r2=1.4.2.5&diff_format=u
Index: php-src/ext/filter/tests/016.phpt
diff -u php-src/ext/filter/tests/016.phpt:1.4.2.4
php-src/ext/filter/tests/016.phpt:1.4.2.5
--- php-src/ext/filter/tests/016.phpt:1.4.2.4 Tue Dec 19 14:16:23 2006
+++ php-src/ext/filter/tests/016.phpt Mon Feb 2 23:51:58 2009
@@ -13,7 +13,8 @@
't...@com',
'@',
'[]()/@example.com',
-'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net',
+'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net',
+'e.x.a.m.p.l...@example.com'
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_EMAIL));
@@ -27,8 +28,9 @@
bool(false)
bool(false)
bool(false)
-bool(false)
+string(8) "t...@com"
bool(false)
bool(false)
string(57) "qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net"
-Done
+string(26) "e.x.a.m.p.l...@example.com"
+Done
\ No newline at end of file
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1404&r2=1.2027.2.547.2.1405&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1404 php-src/NEWS:1.2027.2.547.2.1405
--- php-src/NEWS:1.2027.2.547.2.1404Mon Feb 2 04:54:10 2009
+++ php-src/NEWSMon Feb 2 23:51:58 2009
@@ -17,6 +17,8 @@
- Fixed bug in xml_error_string() which resulted in messages being
off by one. (Scott)
+- Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses
+ as invalid). (Ilia)
- Fixed bug #47220 (segfault in dom_document_parser in recovery mode). (Rob)
- Fixed bug #47217 (content-type is not set properly for file uploads).
(Ilia)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug47745.phpt
dmitry Tue Mar 31 10:05:38 2009 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/filter/tests bug47745.phpt
Modified files:
/php-srcNEWS
/php-src/ext/filter logical_filters.c
Log:
Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1454&r2=1.2027.2.547.2.1455&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1454 php-src/NEWS:1.2027.2.547.2.1455
--- php-src/NEWS:1.2027.2.547.2.1454Mon Mar 30 19:59:08 2009
+++ php-src/NEWSTue Mar 31 10:05:37 2009
@@ -12,6 +12,8 @@
- Fixed bug #47828 (openssl_x509_parse() segfaults when a UTF-8 conversion
fails). (Scott, Kees Cook, Pierre)
- Fixed bug #47769 (Strange extends PDO). (Felipe)
+- Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer).
+ (Dmitry)
- Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension)
(crrodriguez at opensuse dot org, Ilia)
- Fixed bug #47704 (PHP crashes on some "bad" operations with string offsets).
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.31&r2=1.1.2.32&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.31
php-src/ext/filter/logical_filters.c:1.1.2.32
--- php-src/ext/filter/logical_filters.c:1.1.2.31 Wed Mar 25 18:53:04 2009
+++ php-src/ext/filter/logical_filters.cTue Mar 31 10:05:37 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.31 2009/03/25 18:53:04 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.32 2009/03/31 10:05:37 dmitry Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -70,14 +70,12 @@
static int php_filter_parse_int(const char *str, unsigned int str_len, long
*ret TSRMLS_DC) { /* {{{ */
long ctx_value;
- long sign = 1;
+ long sign = 0;
const char *end = str + str_len;
- double dval;
- long overflow;
switch (*str) {
case '-':
- sign = -1;
+ sign = 1;
case '+':
str++;
default:
@@ -91,22 +89,29 @@
return -1;
}
+ if ((end - str > MAX_LENGTH_OF_LONG - 1) /* number too long */
+|| (SIZEOF_LONG == 4 && end - str == MAX_LENGTH_OF_LONG - 1 && *str >
'2')) {
+ /* overflow */
+ return -1;
+ }
+
while (str < end) {
if (*str >= '0' && *str <= '9') {
- ZEND_SIGNED_MULTIPLY_LONG(ctx_value, 10, ctx_value,
dval, overflow);
- if (overflow) {
- return -1;
- }
- ctx_value += ((*(str++)) - '0');
- if (ctx_value & LONG_SIGN_MASK) {
- return -1;
- }
+ ctx_value = (ctx_value * 10) + (*(str++) - '0');
\
} else {
return -1;
}
}
+ if (sign) {
+ ctx_value = -ctx_value;
+ if (ctx_value > 0) { /* overflow */
+ return -1;
+ }
+ } else if (ctx_value < 0) { /* overflow */
+ return -1;
+ }
- *ret = ctx_value * sign;
+ *ret = ctx_value;
return 1;
}
/* }}} */
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug47745.phpt?view=markup&rev=1.1
Index: php-src/ext/filter/tests/bug47745.phpt
+++ php-src/ext/filter/tests/bug47745.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 016.phpt
iliaa Sun Jul 5 16:07:25 2009 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter/tests 016.phpt
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
components).
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/016.phpt?r1=1.4.2.5&r2=1.4.2.6&diff_format=u
Index: php-src/ext/filter/tests/016.phpt
diff -u php-src/ext/filter/tests/016.phpt:1.4.2.5
php-src/ext/filter/tests/016.phpt:1.4.2.6
--- php-src/ext/filter/tests/016.phpt:1.4.2.5 Mon Feb 2 23:51:58 2009
+++ php-src/ext/filter/tests/016.phpt Sun Jul 5 16:07:23 2009
@@ -14,7 +14,8 @@
'@',
'[]()/@example.com',
'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net',
-'e.x.a.m.p.l...@example.com'
+'e.x.a.m.p.l...@example.com',
+'firstname.lastn...@employee.2something.com'
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_EMAIL));
@@ -33,4 +34,5 @@
bool(false)
string(57) "qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net"
string(26) "e.x.a.m.p.l...@example.com"
+string(42) "firstname.lastn...@employee.2something.com"
Done
\ No newline at end of file
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.34&r2=1.1.2.35&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.34
php-src/ext/filter/logical_filters.c:1.1.2.35
--- php-src/ext/filter/logical_filters.c:1.1.2.34 Wed Jun 10 19:05:49 2009
+++ php-src/ext/filter/logical_filters.cSun Jul 5 16:07:24 2009
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.34 2009/06/10 19:05:49 felipe Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.35 2009/07/05 16:07:24 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -472,7 +472,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z\\-]))?)+[A-Za-z\\-]*))$/D";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z0-9\\-]))?)+[A-Za-z\\-]*))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1577&r2=1.2027.2.547.2.1578&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1577 php-src/NEWS:1.2027.2.547.2.1578
--- php-src/NEWS:1.2027.2.547.2.1577Thu Jul 2 13:41:29 2009
+++ php-src/NEWSSun Jul 5 16:07:24 2009
@@ -1,4 +1,4 @@
-PHP
NEWS
+PHPNEWS
|||
?? ??? 2009, PHP 5.2.11
- Fixed regression in cURL extension that prevented flush of data to output
@@ -6,6 +6,8 @@
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
files that have been opened with r+). (Ilia)
+- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
+ components). (Ilia)
- Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe)
- Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly
formatted). (peter at lvp-media dot com, Felipe)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug44445.phpt
iliaa Tue Mar 18 23:32:42 2008 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/filter/tests bug5.phpt
Modified files:
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
MFB: Bug #5 (email validator does not handle domains starting/ending
with a -)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.23&r2=1.1.2.24&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.23
php-src/ext/filter/logical_filters.c:1.1.2.24
--- php-src/ext/filter/logical_filters.c:1.1.2.23 Mon Dec 31 07:20:06 2007
+++ php-src/ext/filter/logical_filters.cTue Mar 18 23:32:42 2008
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.23 2007/12/31 07:20:06 sebastian Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.24 2008/03/18 23:32:42 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -469,7 +469,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.)+[A-Za-z\\-]+))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1120&r2=1.2027.2.547.2.1121&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1120 php-src/NEWS:1.2027.2.547.2.1121
--- php-src/NEWS:1.2027.2.547.2.1120Mon Mar 17 23:09:06 2008
+++ php-src/NEWSTue Mar 18 23:32:42 2008
@@ -4,6 +4,8 @@
- Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia,
Stefan Esser)
- Fix integer overflow in printf(). (Stas, Maksymilian Aciemowicz)
+- Fixed bug #5 (email validator does not handle domains starting/ending
+ with a -). (Ilia)
- Fixed bug #0 (st_blocks undefined under BeOS). (Felipe)
- Fixed bug #44394 (Last two bytes missing from output). (Felipe)
- Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug5.phpt?view=markup&rev=1.1
Index: php-src/ext/filter/tests/bug5.phpt
+++ php-src/ext/filter/tests/bug5.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug39846.phpt
iliaa Sat Dec 16 21:48:05 2006 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/filter/tests bug39846.phpt
Modified files:
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
Fixed bug #39846 (Invalid IPv4 treated as valid).
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.11&r2=1.1.2.12&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.11
php-src/ext/filter/logical_filters.c:1.1.2.12
--- php-src/ext/filter/logical_filters.c:1.1.2.11 Tue Oct 17 15:26:14 2006
+++ php-src/ext/filter/logical_filters.cSat Dec 16 21:48:05 2006
@@ -17,13 +17,17 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.11 2006/10/17 15:26:14 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.12 2006/12/16 21:48:05 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
#include "ext/standard/url.h"
#include "ext/pcre/php_pcre.h"
+#if HAVE_ARPA_INET_H
+# include
+#endif
+
/* {{{ FETCH_LONG_OPTION(var_name, option_name) */
#define FETCH_LONG_OPTION(var_name, option_name)
\
var_name = 0;
\
@@ -523,70 +527,31 @@
}
/* }}} */
-static int _php_filter_validate_ipv4_count_dots(char *str) /* {{{ */
-{
- char *s1, *s2, *s3, *s4;
-
- s1 = strchr(str, '.');
- if (!s1)
- return 0;
- s2 = strchr(s1 + 1, '.');
- if (!s2)
- return 1;
- s3 = strchr(s2 + 1, '.');
- if (!s3)
- return 2;
- s4 = strchr(s3 + 1, '.');
- if (!s4)
- return 3;
- return 4; /* too many */
-}
-/* }}} */
-
-static int _php_filter_validate_ipv4_get_nr(char **str) /* {{{ */
+static int _php_filter_validate_ipv4(char *str, int str_len, int *ip) /* {{{ */
{
- char *begin, *end, *ptr, *tmp_str;
- int tmp_nr = -1;
-
- begin = ptr = *str;
- while ((*ptr >= '0') && (*ptr <= '9')) {
- ++ptr;
- }
- end = ptr;
- *str = end + 1;
-
- if (end == begin) {
- return -1;
- }
-
- tmp_str = calloc(1, end - begin + 1);
- memcpy(tmp_str, begin, end - begin);
- tmp_nr = strtol(tmp_str, NULL, 10);
- free(tmp_str);
-
- if (tmp_nr < 0 || tmp_nr > 255) {
- tmp_nr = -1;
+ unsigned long int i = inet_addr(str);
+ char ip_chk[16];
+ int l;
+
+ if (i == INADDR_NONE) {
+ if (!strcmp(str, "255.255.255.255")) {
+ ip[0] = ip[1] = ip[2] = ip[3] = 255;
+ return 1;
+ } else {
+ return 0;
+ }
}
- return tmp_nr;
-}
-/* }}} */
-
-static int _php_filter_validate_ipv4(char *str, int *ip TSRMLS_DC) /* {{{ */
-{
- char *p;
- int x;
-
- if (_php_filter_validate_ipv4_count_dots(str) != 3) {
+ ip[0] = i & 0xFF;
+ ip[1] = (i & 0xFF00) / 256;
+ ip[2] = (i & 0xFF) / 256 / 256;
+ ip[3] = (i & 0xFF00) / 256 / 256 / 256;
+
+ /* make sure that the input does not have any trailing values */
+ l = sprintf(ip_chk, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
+ if (l != str_len || strcmp(ip_chk, str)) {
return 0;
}
- p = str;
- for (x = 0; x < 4; ++x) {
- ip[x] = _php_filter_validate_ipv4_get_nr(&p);
- if (ip[x] == -1) {
- return 0;
- }
- }
return 1;
}
/* }}} */
@@ -607,7 +572,7 @@
hexcode_found++;\
}
-static int _php_filter_validate_ipv6_(char *str TSRMLS_DC) /* {{{ */
+static int _php_filter_validate_ipv6_(char *str, int str_len TSRMLS_DC) /* {{{
*/
{
int hexcode_found = 0;
int compressed_2end = 0;
@@ -617,21 +582,21 @@
char *s2 = NULL, *ipv4=NULL;
int ip4elm[4];
- if (!strchr(str, ':')) {
+ if (!memchr(str, ':', str_len)) {
return 0;
}
/* Check for compressed expression. only one is allowed */
- compressed = strstr(str, "::");
+ compressed = php_memnstr(str, "::", sizeof("::")-1, str+str_len);
if (compressed) {
- s2 = strstr(compressed+1, "::");
+ s2 = php_memnstr(compressed+1, "::", sizeof("::")-1, str +
str_len);
if (s2) {
return 0;
}
}
/* check for bundled IPv4 */
- ipv4 = strchr(str, '.');
+ ipv4 = memchr(str, '.', str_len);
if (ipv4) {
while (*ipv4 != ':' && ipv4 >= start) {
@@ -644,7 +609,7 @@
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests PMOPB45.phpt
iliaa Thu May 3 23:38:28 2007 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/filter/tests PMOPB45.phpt
Modified files:
/php-src/ext/filter logical_filters.c
/php-srcNEWS
Log:
Fixed ext/filter Email Validation Vulnerability
(MOPB-24 by Stefan Esser)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.21&r2=1.1.2.22&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.21
php-src/ext/filter/logical_filters.c:1.1.2.22
--- php-src/ext/filter/logical_filters.c:1.1.2.21 Mon Jan 1 09:36:00 2007
+++ php-src/ext/filter/logical_filters.cThu May 3 23:38:27 2007
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.21 2007/01/01 09:36:00 sebastian Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.22 2007/05/03 23:38:27 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -469,7 +469,7 @@
void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
/* From
http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
- const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
+ const char regexp[] =
"/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D";
pcre *re = NULL;
pcre_extra *pcre_extra = NULL;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.675&r2=1.2027.2.547.2.676&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.675 php-src/NEWS:1.2027.2.547.2.676
--- php-src/NEWS:1.2027.2.547.2.675 Thu May 3 01:16:50 2007
+++ php-src/NEWSThu May 3 23:38:27 2007
@@ -1,6 +1,8 @@
PHPNEWS
|||
?? ??? 2007, PHP 5.2.3
+- Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser)
+ (Ilia)
03 May 2007, PHP 5.2.2
- Improved bundled GD
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/PMOPB45.phpt?view=markup&rev=1.1
Index: php-src/ext/filter/tests/PMOPB45.phpt
+++ php-src/ext/filter/tests/PMOPB45.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 015.phpt 033.phpt
iliaa Wed Dec 20 19:20:01 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/filter logical_filters.c
/php-src/ext/filter/tests 015.phpt 033.phpt
/php-srcNEWS
Log:
Fixed bug #39898 (FILTER_VALIDATE_URL validates \r\n\t etc).
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.15&r2=1.1.2.16&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.15
php-src/ext/filter/logical_filters.c:1.1.2.16
--- php-src/ext/filter/logical_filters.c:1.1.2.15 Wed Dec 20 14:39:01 2006
+++ php-src/ext/filter/logical_filters.cWed Dec 20 19:20:01 2006
@@ -17,7 +17,7 @@
+--+
*/
-/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.16 2006/12/20 19:20:01 iliaa Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -477,6 +477,13 @@
void php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
php_url *url;
+ int old_len = Z_STRLEN_P(value);
+
+ php_filter_url(value, flags, option_array, charset TSRMLS_DC);
+
+ if (Z_TYPE_P(value) != IS_STRING || old_len != Z_STRLEN_P(value)) {
+ RETURN_VALIDATION_FAILED
+ }
/* Use parse_url - if it returns false, we return NULL */
url = php_url_parse_ex(Z_STRVAL_P(value), Z_STRLEN_P(value));
@@ -486,10 +493,10 @@
}
if (
- ((flags & FILTER_FLAG_SCHEME_REQUIRED) && url->scheme == NULL)
||
- ((flags & FILTER_FLAG_HOST_REQUIRED) && url->host == NULL) ||
- ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) ||
- ((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL)
+ url->scheme == NULL ||
+ /* some schemas allow the host to be empty */
+ (url->host == NULL && (strcmp(url->scheme, "mailto") &&
strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) ||
+ ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) ||
((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL)
) {
php_url_free(url);
RETURN_VALIDATION_FAILED
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/015.phpt?r1=1.4.2.4&r2=1.4.2.5&diff_format=u
Index: php-src/ext/filter/tests/015.phpt
diff -u php-src/ext/filter/tests/015.phpt:1.4.2.4
php-src/ext/filter/tests/015.phpt:1.4.2.5
--- php-src/ext/filter/tests/015.phpt:1.4.2.4 Tue Dec 19 14:16:23 2006
+++ php-src/ext/filter/tests/015.phpt Wed Dec 20 19:20:01 2006
@@ -24,6 +24,10 @@
'',
-1,
array(),
+'mailto:[EMAIL PROTECTED]',
+'news:news.php.net',
+'file://foo/bar',
+"http://\r\n/bar";,
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_URL));
@@ -48,18 +52,22 @@
string(31) "http://www.example/img/test.png";
string(27) "http://www.example/img/dir/";
string(26) "http://www.example/img/dir";
-string(28) "http//www.example/wrong/url/"
-string(17) "http:/www.example"
+bool(false)
+bool(false)
string(18) "file:///tmp/test.c"
string(26) "ftp://ftp.example.com/tmp/";
-string(11) "/tmp/test.c"
-string(1) "/"
bool(false)
-string(6) "http:/"
-string(5) "http:"
-string(4) "http"
-string(0) ""
-string(2) "-1"
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+string(18) "mailto:[EMAIL PROTECTED]"
+string(17) "news:news.php.net";
+string(14) "file://foo/bar"
bool(false)
bool(false)
string(10) "http://qwe";
@@ -70,4 +78,4 @@
string(42) "http://www.example.com/path/at/the/server/";
bool(false)
string(40) "http://www.example.com/index.php?a=b&c=d";
-Done
+Done
\ No newline at end of file
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/033.phpt?r1=1.3.2.4&r2=1.3.2.5&diff_format=u
Index: php-src/ext/filter/tests/033.phpt
diff -u php-src/ext/filter/tests/033.phpt:1.3.2.4
php-src/ext/filter/tests/033.phpt:1.3.2.5
--- php-src/ext/filter/tests/033.phpt:1.3.2.4 Tue Dec 19 14:16:23 2006
+++ php-src/ext/filter/tests/033.phpt Wed Dec 20 19:20:01 2006
@@ -11,7 +11,7 @@
boolean 1
float1 123
validate_regexp
O'Henry
-validate_urlPHP 1 [EMAIL PROTECTED]http://a.b.c1.2.3.4
123 123abc<>() O'Henryíí¼
+validate_url http://a.b.c
validate_email [EMAIL PROTECTED]
