[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Sun Mar 1 17:36:09 2009 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS /php-src/ext/filter logical_filters.c Log: MFB: Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6 addresses in the filter extension) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1431&r2=1.2027.2.547.2.1432&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1431 php-src/NEWS:1.2027.2.547.2.1432 --- php-src/NEWS:1.2027.2.547.2.1431Sun Mar 1 17:35:25 2009 +++ php-src/NEWSSun Mar 1 17:36:09 2009 @@ -3,6 +3,9 @@ ?? ??? 2009, PHP 5.2.10 - Fixed memory corruptions while reading properties of zip files. (Ilia) +- Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6 + addresses in the filter extension). (Ilia) + 26 Feb 2009, PHP 5.2.9 - Changed __call() to be invoked on private/protected method access, similar to properties and __get(). (Andrei) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.28&r2=1.1.2.29&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.28 php-src/ext/filter/logical_filters.c:1.1.2.29 --- php-src/ext/filter/logical_filters.c:1.1.2.28 Mon Feb 2 23:51:58 2009 +++ php-src/ext/filter/logical_filters.cSun Mar 1 17:36:09 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.28 2009/02/02 23:51:58 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.29 2009/03/01 17:36:09 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -655,6 +655,12 @@ if (res < 1) { RETURN_VALIDATION_FAILED } + /* Check flags */ + if (flags & FILTER_FLAG_NO_PRIV_RANGE) { + if (Z_STRLEN_P(value) >=2 && (!strncasecmp("FC", Z_STRVAL_P(value), 2) || !strncasecmp("FD", Z_STRVAL_P(value), 2))) { + RETURN_VALIDATION_FAILED + } + } } break; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Sun Mar 8 18:22:26 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-srcNEWS Log: MFB: Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.29&r2=1.1.2.30&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.29 php-src/ext/filter/logical_filters.c:1.1.2.30 --- php-src/ext/filter/logical_filters.c:1.1.2.29 Sun Mar 1 17:36:09 2009 +++ php-src/ext/filter/logical_filters.cSun Mar 8 18:22:26 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.29 2009/03/01 17:36:09 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.30 2009/03/08 18:22:26 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1433&r2=1.2027.2.547.2.1434&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1433 php-src/NEWS:1.2027.2.547.2.1434 --- php-src/NEWS:1.2027.2.547.2.1433Tue Mar 3 11:50:32 2009 +++ php-src/NEWSSun Mar 8 18:22:26 2009 @@ -3,10 +3,11 @@ ?? ??? 2009, PHP 5.2.10 - Fixed memory corruptions while reading properties of zip files. (Ilia) -- Fixed bug #47546 (Default value for limit parameter in explode is 0, - not -1). (Kalle) +- Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware). (Ilia) +- Fixed bug #47546 (Default value for limit parameter in explode is 0, not -1). + (Kalle) - Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6 - addresses in the filter extension). (Ilia) + addresses in the filter extension). (Ilia) 26 Feb 2009, PHP 5.2.9 - Changed __call() to be invoked on private/protected method access, similar to -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Wed Mar 25 18:53:05 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-srcNEWS Log: MFB: Fixed bug #47772 (FILTER_VALIDATE_EMAIL allows f...@bar. addresses) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.30&r2=1.1.2.31&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.30 php-src/ext/filter/logical_filters.c:1.1.2.31 --- php-src/ext/filter/logical_filters.c:1.1.2.30 Sun Mar 8 18:22:26 2009 +++ php-src/ext/filter/logical_filters.cWed Mar 25 18:53:04 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.30 2009/03/08 18:22:26 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.31 2009/03/25 18:53:04 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z\\-]))?)+[A-Za-z\\-]*))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1448&r2=1.2027.2.547.2.1449&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1448 php-src/NEWS:1.2027.2.547.2.1449 --- php-src/NEWS:1.2027.2.547.2.1448Fri Mar 20 22:14:45 2009 +++ php-src/NEWSWed Mar 25 18:53:04 2009 @@ -6,6 +6,7 @@ - Fixed memory corruptions while reading properties of zip files. (Ilia) +- Fixed bug #47772 (FILTER_VALIDATE_EMAIL allows f...@bar. addresses). (Ilia) - Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension) (crrodriguez at opensuse dot org, Ilia) - Fixed bug #47704 (PHP crashes on some "bad" operations with string offsets). -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
derick Wed Dec 20 14:39:02 2006 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS /php-src/ext/filter logical_filters.c Log: - Fixed the validate email filter so that the letter "v" can also be used in the user part of the email address. (Derick) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.445&r2=1.2027.2.547.2.446&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.445 php-src/NEWS:1.2027.2.547.2.446 --- php-src/NEWS:1.2027.2.547.2.445 Wed Dec 20 10:49:32 2006 +++ php-src/NEWSWed Dec 20 14:39:01 2006 @@ -10,7 +10,9 @@ . canary protection (debug build only) . random generation of cookies and canaries - Fixed incorrect function names on FreeBSD where inet_pton() was named - __inet_pton() and inet_ntop() was named __inet_ntop() (Hannes) + __inet_pton() and inet_ntop() was named __inet_ntop(). (Hannes) +- Fixed the validate email filter so that the letter "v" can also be used in + the user part of the email address. (Derick) - Fixed bug #39869 (safe_read does not initialize errno). (michiel at boland dot org, Dmitry) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.14&r2=1.1.2.15&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.14 php-src/ext/filter/logical_filters.c:1.1.2.15 --- php-src/ext/filter/logical_filters.c:1.1.2.14 Mon Dec 18 14:56:40 2006 +++ php-src/ext/filter/logical_filters.cWed Dec 20 14:39:01 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.14 2006/12/18 14:56:40 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -501,7 +501,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\v\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
iliaa Mon Oct 20 23:23:45 2008 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-srcNEWS Log: MFB:Fixed bug #46343 (IPv6 address filter accepts invalid address) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.24&r2=1.1.2.25&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.24 php-src/ext/filter/logical_filters.c:1.1.2.25 --- php-src/ext/filter/logical_filters.c:1.1.2.24 Tue Mar 18 23:32:42 2008 +++ php-src/ext/filter/logical_filters.cMon Oct 20 23:23:45 2008 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.24 2008/03/18 23:32:42 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.25 2008/10/20 23:23:45 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -529,6 +529,7 @@ char *ipv4; char *end; int ip4elm[4]; + char *s = str; if (!memchr(str, ':', str_len)) { return 0; @@ -568,6 +569,8 @@ return 1; } compressed = 1; + } else if ((str - 1) == s) { + return 0; } } n = 0; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1267&r2=1.2027.2.547.2.1268&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1267 php-src/NEWS:1.2027.2.547.2.1268 --- php-src/NEWS:1.2027.2.547.2.1267Mon Oct 20 19:30:56 2008 +++ php-src/NEWSMon Oct 20 23:23:45 2008 @@ -1,6 +1,7 @@ PHPNEWS ||| ?? Oct 2008, PHP 5.2.7RC2 +- Fixed bug #46343 (IPv6 address filter accepts invalid address). (Ilia) - Fixed bug #46341 (Added missing validation checks into define() for class constants). (Ilia) - Fixed bug #46335 (DOMText::splitText doesn't handle multibyte characters). -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c
Test? On 12/20/06, Derick Rethans <[EMAIL PROTECTED]> wrote: derick Wed Dec 20 14:39:02 2006 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS /php-src/ext/filter logical_filters.c Log: - Fixed the validate email filter so that the letter "v" can also be used in the user part of the email address. (Derick) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.445&r2=1.2027.2.547.2.446&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.445 php-src/NEWS:1.2027.2.547.2.446 --- php-src/NEWS:1.2027.2.547.2.445 Wed Dec 20 10:49:32 2006 +++ php-src/NEWSWed Dec 20 14:39:01 2006 @@ -10,7 +10,9 @@ . canary protection (debug build only) . random generation of cookies and canaries - Fixed incorrect function names on FreeBSD where inet_pton() was named - __inet_pton() and inet_ntop() was named __inet_ntop() (Hannes) + __inet_pton() and inet_ntop() was named __inet_ntop(). (Hannes) +- Fixed the validate email filter so that the letter "v" can also be used in + the user part of the email address. (Derick) - Fixed bug #39869 (safe_read does not initialize errno). (michiel at boland dot org, Dmitry) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.14&r2=1.1.2.15&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.14 php-src/ext/filter/logical_filters.c:1.1.2.15 --- php-src/ext/filter/logical_filters.c:1.1.2.14 Mon Dec 18 14:56:40 2006 +++ php-src/ext/filter/logical_filters.cWed Dec 20 14:39:01 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.14 2006/12/18 14:56:40 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -501,7 +501,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\v\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 016.phpt
iliaa Mon Feb 2 23:51:58 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-src/ext/filter/tests 016.phpt /php-srcNEWS Log: MFB: Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.27&r2=1.1.2.28&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.27 php-src/ext/filter/logical_filters.c:1.1.2.28 --- php-src/ext/filter/logical_filters.c:1.1.2.27 Wed Dec 31 15:39:48 2008 +++ php-src/ext/filter/logical_filters.cMon Feb 2 23:51:58 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.27 2008/12/31 15:39:48 felipe Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.28 2009/02/02 23:51:58 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.)+[A-Za-z\\-]+))$/D"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.?)+[A-Za-z\\-]*))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/016.phpt?r1=1.4.2.4&r2=1.4.2.5&diff_format=u Index: php-src/ext/filter/tests/016.phpt diff -u php-src/ext/filter/tests/016.phpt:1.4.2.4 php-src/ext/filter/tests/016.phpt:1.4.2.5 --- php-src/ext/filter/tests/016.phpt:1.4.2.4 Tue Dec 19 14:16:23 2006 +++ php-src/ext/filter/tests/016.phpt Mon Feb 2 23:51:58 2009 @@ -13,7 +13,8 @@ 't...@com', '@', '[]()/@example.com', -'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net', +'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net', +'e.x.a.m.p.l...@example.com' ); foreach ($values as $value) { var_dump(filter_var($value, FILTER_VALIDATE_EMAIL)); @@ -27,8 +28,9 @@ bool(false) bool(false) bool(false) -bool(false) +string(8) "t...@com" bool(false) bool(false) string(57) "qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net" -Done +string(26) "e.x.a.m.p.l...@example.com" +Done \ No newline at end of file http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1404&r2=1.2027.2.547.2.1405&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1404 php-src/NEWS:1.2027.2.547.2.1405 --- php-src/NEWS:1.2027.2.547.2.1404Mon Feb 2 04:54:10 2009 +++ php-src/NEWSMon Feb 2 23:51:58 2009 @@ -17,6 +17,8 @@ - Fixed bug in xml_error_string() which resulted in messages being off by one. (Scott) +- Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses + as invalid). (Ilia) - Fixed bug #47220 (segfault in dom_document_parser in recovery mode). (Rob) - Fixed bug #47217 (content-type is not set properly for file uploads). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug47745.phpt
dmitry Tue Mar 31 10:05:38 2009 UTC Added files: (Branch: PHP_5_2) /php-src/ext/filter/tests bug47745.phpt Modified files: /php-srcNEWS /php-src/ext/filter logical_filters.c Log: Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1454&r2=1.2027.2.547.2.1455&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1454 php-src/NEWS:1.2027.2.547.2.1455 --- php-src/NEWS:1.2027.2.547.2.1454Mon Mar 30 19:59:08 2009 +++ php-src/NEWSTue Mar 31 10:05:37 2009 @@ -12,6 +12,8 @@ - Fixed bug #47828 (openssl_x509_parse() segfaults when a UTF-8 conversion fails). (Scott, Kees Cook, Pierre) - Fixed bug #47769 (Strange extends PDO). (Felipe) +- Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer). + (Dmitry) - Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension) (crrodriguez at opensuse dot org, Ilia) - Fixed bug #47704 (PHP crashes on some "bad" operations with string offsets). http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.31&r2=1.1.2.32&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.31 php-src/ext/filter/logical_filters.c:1.1.2.32 --- php-src/ext/filter/logical_filters.c:1.1.2.31 Wed Mar 25 18:53:04 2009 +++ php-src/ext/filter/logical_filters.cTue Mar 31 10:05:37 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.31 2009/03/25 18:53:04 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.32 2009/03/31 10:05:37 dmitry Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -70,14 +70,12 @@ static int php_filter_parse_int(const char *str, unsigned int str_len, long *ret TSRMLS_DC) { /* {{{ */ long ctx_value; - long sign = 1; + long sign = 0; const char *end = str + str_len; - double dval; - long overflow; switch (*str) { case '-': - sign = -1; + sign = 1; case '+': str++; default: @@ -91,22 +89,29 @@ return -1; } + if ((end - str > MAX_LENGTH_OF_LONG - 1) /* number too long */ +|| (SIZEOF_LONG == 4 && end - str == MAX_LENGTH_OF_LONG - 1 && *str > '2')) { + /* overflow */ + return -1; + } + while (str < end) { if (*str >= '0' && *str <= '9') { - ZEND_SIGNED_MULTIPLY_LONG(ctx_value, 10, ctx_value, dval, overflow); - if (overflow) { - return -1; - } - ctx_value += ((*(str++)) - '0'); - if (ctx_value & LONG_SIGN_MASK) { - return -1; - } + ctx_value = (ctx_value * 10) + (*(str++) - '0'); \ } else { return -1; } } + if (sign) { + ctx_value = -ctx_value; + if (ctx_value > 0) { /* overflow */ + return -1; + } + } else if (ctx_value < 0) { /* overflow */ + return -1; + } - *ret = ctx_value * sign; + *ret = ctx_value; return 1; } /* }}} */ http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug47745.phpt?view=markup&rev=1.1 Index: php-src/ext/filter/tests/bug47745.phpt +++ php-src/ext/filter/tests/bug47745.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 016.phpt
iliaa Sun Jul 5 16:07:25 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter/tests 016.phpt /php-src/ext/filter logical_filters.c /php-srcNEWS Log: Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain components). http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/016.phpt?r1=1.4.2.5&r2=1.4.2.6&diff_format=u Index: php-src/ext/filter/tests/016.phpt diff -u php-src/ext/filter/tests/016.phpt:1.4.2.5 php-src/ext/filter/tests/016.phpt:1.4.2.6 --- php-src/ext/filter/tests/016.phpt:1.4.2.5 Mon Feb 2 23:51:58 2009 +++ php-src/ext/filter/tests/016.phpt Sun Jul 5 16:07:23 2009 @@ -14,7 +14,8 @@ '@', '[]()/@example.com', 'qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net', -'e.x.a.m.p.l...@example.com' +'e.x.a.m.p.l...@example.com', +'firstname.lastn...@employee.2something.com' ); foreach ($values as $value) { var_dump(filter_var($value, FILTER_VALIDATE_EMAIL)); @@ -33,4 +34,5 @@ bool(false) string(57) "qwertyuiopasdfghjklzxcv...@qwertyuiopasdfghjklzxcvbnm.net" string(26) "e.x.a.m.p.l...@example.com" +string(42) "firstname.lastn...@employee.2something.com" Done \ No newline at end of file http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.34&r2=1.1.2.35&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.34 php-src/ext/filter/logical_filters.c:1.1.2.35 --- php-src/ext/filter/logical_filters.c:1.1.2.34 Wed Jun 10 19:05:49 2009 +++ php-src/ext/filter/logical_filters.cSun Jul 5 16:07:24 2009 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.34 2009/06/10 19:05:49 felipe Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.35 2009/07/05 16:07:24 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -472,7 +472,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z\\-]))?)+[A-Za-z\\-]*))$/D"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[A-Za-z0-9_\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]*)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?(\\.(?=[A-Za-z0-9\\-]))?)+[A-Za-z\\-]*))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1577&r2=1.2027.2.547.2.1578&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1577 php-src/NEWS:1.2027.2.547.2.1578 --- php-src/NEWS:1.2027.2.547.2.1577Thu Jul 2 13:41:29 2009 +++ php-src/NEWSSun Jul 5 16:07:24 2009 @@ -1,4 +1,4 @@ -PHP NEWS +PHPNEWS ||| ?? ??? 2009, PHP 5.2.11 - Fixed regression in cURL extension that prevented flush of data to output @@ -6,6 +6,8 @@ - Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on files that have been opened with r+). (Ilia) +- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain + components). (Ilia) - Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe) - Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly formatted). (peter at lvp-media dot com, Felipe) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug44445.phpt
iliaa Tue Mar 18 23:32:42 2008 UTC Added files: (Branch: PHP_5_2) /php-src/ext/filter/tests bug5.phpt Modified files: /php-src/ext/filter logical_filters.c /php-srcNEWS Log: MFB: Bug #5 (email validator does not handle domains starting/ending with a -) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.23&r2=1.1.2.24&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.23 php-src/ext/filter/logical_filters.c:1.1.2.24 --- php-src/ext/filter/logical_filters.c:1.1.2.23 Mon Dec 31 07:20:06 2007 +++ php-src/ext/filter/logical_filters.cTue Mar 18 23:32:42 2008 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.23 2007/12/31 07:20:06 sebastian Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.24 2008/03/18 23:32:42 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9])(([A-Za-z0-9\\-])*([A-Za-z0-9]))?\\.)+[A-Za-z\\-]+))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1120&r2=1.2027.2.547.2.1121&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1120 php-src/NEWS:1.2027.2.547.2.1121 --- php-src/NEWS:1.2027.2.547.2.1120Mon Mar 17 23:09:06 2008 +++ php-src/NEWSTue Mar 18 23:32:42 2008 @@ -4,6 +4,8 @@ - Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefan Esser) - Fix integer overflow in printf(). (Stas, Maksymilian Aciemowicz) +- Fixed bug #5 (email validator does not handle domains starting/ending + with a -). (Ilia) - Fixed bug #0 (st_blocks undefined under BeOS). (Felipe) - Fixed bug #44394 (Last two bytes missing from output). (Felipe) - Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug5.phpt?view=markup&rev=1.1 Index: php-src/ext/filter/tests/bug5.phpt +++ php-src/ext/filter/tests/bug5.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests bug39846.phpt
iliaa Sat Dec 16 21:48:05 2006 UTC Added files: (Branch: PHP_5_2) /php-src/ext/filter/tests bug39846.phpt Modified files: /php-src/ext/filter logical_filters.c /php-srcNEWS Log: Fixed bug #39846 (Invalid IPv4 treated as valid). http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.11&r2=1.1.2.12&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.11 php-src/ext/filter/logical_filters.c:1.1.2.12 --- php-src/ext/filter/logical_filters.c:1.1.2.11 Tue Oct 17 15:26:14 2006 +++ php-src/ext/filter/logical_filters.cSat Dec 16 21:48:05 2006 @@ -17,13 +17,17 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.11 2006/10/17 15:26:14 iliaa Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.12 2006/12/16 21:48:05 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" #include "ext/standard/url.h" #include "ext/pcre/php_pcre.h" +#if HAVE_ARPA_INET_H +# include +#endif + /* {{{ FETCH_LONG_OPTION(var_name, option_name) */ #define FETCH_LONG_OPTION(var_name, option_name) \ var_name = 0; \ @@ -523,70 +527,31 @@ } /* }}} */ -static int _php_filter_validate_ipv4_count_dots(char *str) /* {{{ */ -{ - char *s1, *s2, *s3, *s4; - - s1 = strchr(str, '.'); - if (!s1) - return 0; - s2 = strchr(s1 + 1, '.'); - if (!s2) - return 1; - s3 = strchr(s2 + 1, '.'); - if (!s3) - return 2; - s4 = strchr(s3 + 1, '.'); - if (!s4) - return 3; - return 4; /* too many */ -} -/* }}} */ - -static int _php_filter_validate_ipv4_get_nr(char **str) /* {{{ */ +static int _php_filter_validate_ipv4(char *str, int str_len, int *ip) /* {{{ */ { - char *begin, *end, *ptr, *tmp_str; - int tmp_nr = -1; - - begin = ptr = *str; - while ((*ptr >= '0') && (*ptr <= '9')) { - ++ptr; - } - end = ptr; - *str = end + 1; - - if (end == begin) { - return -1; - } - - tmp_str = calloc(1, end - begin + 1); - memcpy(tmp_str, begin, end - begin); - tmp_nr = strtol(tmp_str, NULL, 10); - free(tmp_str); - - if (tmp_nr < 0 || tmp_nr > 255) { - tmp_nr = -1; + unsigned long int i = inet_addr(str); + char ip_chk[16]; + int l; + + if (i == INADDR_NONE) { + if (!strcmp(str, "255.255.255.255")) { + ip[0] = ip[1] = ip[2] = ip[3] = 255; + return 1; + } else { + return 0; + } } - return tmp_nr; -} -/* }}} */ - -static int _php_filter_validate_ipv4(char *str, int *ip TSRMLS_DC) /* {{{ */ -{ - char *p; - int x; - - if (_php_filter_validate_ipv4_count_dots(str) != 3) { + ip[0] = i & 0xFF; + ip[1] = (i & 0xFF00) / 256; + ip[2] = (i & 0xFF) / 256 / 256; + ip[3] = (i & 0xFF00) / 256 / 256 / 256; + + /* make sure that the input does not have any trailing values */ + l = sprintf(ip_chk, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); + if (l != str_len || strcmp(ip_chk, str)) { return 0; } - p = str; - for (x = 0; x < 4; ++x) { - ip[x] = _php_filter_validate_ipv4_get_nr(&p); - if (ip[x] == -1) { - return 0; - } - } return 1; } /* }}} */ @@ -607,7 +572,7 @@ hexcode_found++;\ } -static int _php_filter_validate_ipv6_(char *str TSRMLS_DC) /* {{{ */ +static int _php_filter_validate_ipv6_(char *str, int str_len TSRMLS_DC) /* {{{ */ { int hexcode_found = 0; int compressed_2end = 0; @@ -617,21 +582,21 @@ char *s2 = NULL, *ipv4=NULL; int ip4elm[4]; - if (!strchr(str, ':')) { + if (!memchr(str, ':', str_len)) { return 0; } /* Check for compressed expression. only one is allowed */ - compressed = strstr(str, "::"); + compressed = php_memnstr(str, "::", sizeof("::")-1, str+str_len); if (compressed) { - s2 = strstr(compressed+1, "::"); + s2 = php_memnstr(compressed+1, "::", sizeof("::")-1, str + str_len); if (s2) { return 0; } } /* check for bundled IPv4 */ - ipv4 = strchr(str, '.'); + ipv4 = memchr(str, '.', str_len); if (ipv4) { while (*ipv4 != ':' && ipv4 >= start) { @@ -644,7 +609,7 @@
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests PMOPB45.phpt
iliaa Thu May 3 23:38:28 2007 UTC Added files: (Branch: PHP_5_2) /php-src/ext/filter/tests PMOPB45.phpt Modified files: /php-src/ext/filter logical_filters.c /php-srcNEWS Log: Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser) http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.21&r2=1.1.2.22&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.21 php-src/ext/filter/logical_filters.c:1.1.2.22 --- php-src/ext/filter/logical_filters.c:1.1.2.21 Mon Jan 1 09:36:00 2007 +++ php-src/ext/filter/logical_filters.cThu May 3 23:38:27 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.21 2007/01/01 09:36:00 sebastian Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.22 2007/05/03 23:38:27 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.675&r2=1.2027.2.547.2.676&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.675 php-src/NEWS:1.2027.2.547.2.676 --- php-src/NEWS:1.2027.2.547.2.675 Thu May 3 01:16:50 2007 +++ php-src/NEWSThu May 3 23:38:27 2007 @@ -1,6 +1,8 @@ PHPNEWS ||| ?? ??? 2007, PHP 5.2.3 +- Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser) + (Ilia) 03 May 2007, PHP 5.2.2 - Improved bundled GD http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/PMOPB45.phpt?view=markup&rev=1.1 Index: php-src/ext/filter/tests/PMOPB45.phpt +++ php-src/ext/filter/tests/PMOPB45.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/filter logical_filters.c /ext/filter/tests 015.phpt 033.phpt
iliaa Wed Dec 20 19:20:01 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/filter logical_filters.c /php-src/ext/filter/tests 015.phpt 033.phpt /php-srcNEWS Log: Fixed bug #39898 (FILTER_VALIDATE_URL validates \r\n\t etc). http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.15&r2=1.1.2.16&diff_format=u Index: php-src/ext/filter/logical_filters.c diff -u php-src/ext/filter/logical_filters.c:1.1.2.15 php-src/ext/filter/logical_filters.c:1.1.2.16 --- php-src/ext/filter/logical_filters.c:1.1.2.15 Wed Dec 20 14:39:01 2006 +++ php-src/ext/filter/logical_filters.cWed Dec 20 19:20:01 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: logical_filters.c,v 1.1.2.15 2006/12/20 14:39:01 derick Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.16 2006/12/20 19:20:01 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -477,6 +477,13 @@ void php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { php_url *url; + int old_len = Z_STRLEN_P(value); + + php_filter_url(value, flags, option_array, charset TSRMLS_DC); + + if (Z_TYPE_P(value) != IS_STRING || old_len != Z_STRLEN_P(value)) { + RETURN_VALIDATION_FAILED + } /* Use parse_url - if it returns false, we return NULL */ url = php_url_parse_ex(Z_STRVAL_P(value), Z_STRLEN_P(value)); @@ -486,10 +493,10 @@ } if ( - ((flags & FILTER_FLAG_SCHEME_REQUIRED) && url->scheme == NULL) || - ((flags & FILTER_FLAG_HOST_REQUIRED) && url->host == NULL) || - ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) || - ((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL) + url->scheme == NULL || + /* some schemas allow the host to be empty */ + (url->host == NULL && (strcmp(url->scheme, "mailto") && strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) || + ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) || ((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL) ) { php_url_free(url); RETURN_VALIDATION_FAILED http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/015.phpt?r1=1.4.2.4&r2=1.4.2.5&diff_format=u Index: php-src/ext/filter/tests/015.phpt diff -u php-src/ext/filter/tests/015.phpt:1.4.2.4 php-src/ext/filter/tests/015.phpt:1.4.2.5 --- php-src/ext/filter/tests/015.phpt:1.4.2.4 Tue Dec 19 14:16:23 2006 +++ php-src/ext/filter/tests/015.phpt Wed Dec 20 19:20:01 2006 @@ -24,6 +24,10 @@ '', -1, array(), +'mailto:[EMAIL PROTECTED]', +'news:news.php.net', +'file://foo/bar', +"http://\r\n/bar";, ); foreach ($values as $value) { var_dump(filter_var($value, FILTER_VALIDATE_URL)); @@ -48,18 +52,22 @@ string(31) "http://www.example/img/test.png"; string(27) "http://www.example/img/dir/"; string(26) "http://www.example/img/dir"; -string(28) "http//www.example/wrong/url/" -string(17) "http:/www.example" +bool(false) +bool(false) string(18) "file:///tmp/test.c" string(26) "ftp://ftp.example.com/tmp/"; -string(11) "/tmp/test.c" -string(1) "/" bool(false) -string(6) "http:/" -string(5) "http:" -string(4) "http" -string(0) "" -string(2) "-1" +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +string(18) "mailto:[EMAIL PROTECTED]" +string(17) "news:news.php.net"; +string(14) "file://foo/bar" bool(false) bool(false) string(10) "http://qwe"; @@ -70,4 +78,4 @@ string(42) "http://www.example.com/path/at/the/server/"; bool(false) string(40) "http://www.example.com/index.php?a=b&c=d"; -Done +Done \ No newline at end of file http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/033.phpt?r1=1.3.2.4&r2=1.3.2.5&diff_format=u Index: php-src/ext/filter/tests/033.phpt diff -u php-src/ext/filter/tests/033.phpt:1.3.2.4 php-src/ext/filter/tests/033.phpt:1.3.2.5 --- php-src/ext/filter/tests/033.phpt:1.3.2.4 Tue Dec 19 14:16:23 2006 +++ php-src/ext/filter/tests/033.phpt Wed Dec 20 19:20:01 2006 @@ -11,7 +11,7 @@ boolean 1 float1 123 validate_regexp O'Henry -validate_urlPHP 1 [EMAIL PROTECTED]http://a.b.c1.2.3.4 123 123abc<>() O'Henryíí¼ +validate_url http://a.b.c validate_email [EMAIL PROTECTED]