- Changed port validation introduced in commit #308035 to consider

  negative ports and ports > 65535 as invalid.
  The tests that fail due to #308035 in the standard ext were not
  fixed. If the behavior in those tests turns out to be the
  desirable one, both this commit and #308035 ought to be reverted
  or at least adapted.

diff --git a/ext/filter/tests/015.phpt b/ext/filter/tests/015.phpt
index 7be849e76c3dc68055a80db544d011222061dfbe..476615ae377e4d5920404275ecf9d6577c09315c 100644 (file)
--- a/ext/filter/tests/015.phpt
+++ b/ext/filter/tests/015.phpt
@@ -28,7 +28,10 @@ array(),
 'news:news.php.net',
 'file://foo/bar',
 "http://\r\n/bar",
-"http://example.com:qq"
+"http://example.com:qq",
+"http://example.com:-2",
+"http://example.com:65536",
+"http://example.com:65537",
 );
 foreach ($values as $value) {
        var_dump(filter_var($value, FILTER_VALIDATE_URL));
@@ -72,6 +75,9 @@ string(14) "file://foo/bar"
 bool(false)
 bool(false)
 bool(false)
+bool(false)
+bool(false)
+bool(false)
 string(10) "http://qwe"
 bool(false)
 bool(false)
@@ -80,4 +86,4 @@ bool(false)
 string(42) "http://www.example.com/path/at/the/server/"
 bool(false)
 string(40) "http://www.example.com/index.php?a=b&c=d"
-Done
\ No newline at end of file
+Done

diff --git a/ext/standard/url.c b/ext/standard/url.c
index 57d8819bb704b919af247a02acceb17f40ceba8a..29ebbb7699073ce6381fbd2913a83505a1fb95a4 100644 (file)
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -176,7 +176,7 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
                                }       
                        }
                }       
-       } else if (e) { /* no scheme, look for port */
+       } else if (e) { /* no scheme; starts with colon: look for port */
                parse_port:
                p = e + 1;
                pp = p;
@@ -185,11 +185,14 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
                        pp++;
                }
 
-               if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
-                       memcpy(port_buf, p, (pp-p));
-                       port_buf[pp-p] = '\0';
-                       ret->port = atoi(port_buf);
-                       if (!ret->port && (pp - p) > 0) {
+               if (pp - p > 0 && pp - p < 6 && (*pp == '/' || *pp == '\0')) {
+                       long port;
+                       memcpy(port_buf, p, (pp - p));
+                       port_buf[pp - p] = '\0';
+                       port = strtol(port_buf, NULL, 10);
+                       if (port > 0 && port <= 65535) {
+                               ret->port = (unsigned short) port;
+                       } else {
                                STR_FREE(ret->scheme);
                                efree(ret);
                                return NULL;
@@ -269,10 +272,13 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
                                efree(ret);
                                return NULL;
                        } else if (e - p > 0) {
-                               memcpy(port_buf, p, (e-p));
-                               port_buf[e-p] = '\0';
-                               ret->port = atoi(port_buf);
-                               if (!ret->port && (e - p)) {
+                               long port;
+                               memcpy(port_buf, p, (e - p));
+                               port_buf[e - p] = '\0';
+                               port = strtol(port_buf, NULL, 10);
+                               if (port > 0 && port <= 65535) {
+                                       ret->port = (unsigned short)port;
+                               } else {
                                        STR_FREE(ret->scheme);
                                        STR_FREE(ret->user);
                                        STR_FREE(ret->pass);