Fixed ext/filter Email Validation Vulnerability
authorIlia Alshanetsky <iliaa@php.net>
Thu, 3 May 2007 23:38:27 +0000 (23:38 +0000)
committerIlia Alshanetsky <iliaa@php.net>
Thu, 3 May 2007 23:38:27 +0000 (23:38 +0000)
(MOPB-24 by Stefan Esser)

NEWS
ext/filter/logical_filters.c
ext/filter/tests/PMOPB45.phpt [new file with mode: 0644]

diff --git a/NEWS b/NEWS
index 12a8c609a78b4e32b6034aa6d4918ed3cd0429ae..bc59054e1f41a482236f9958da46d36dc78e6203 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2007, PHP 5.2.3
+- Fixed ext/filter Email Validation Vulnerability (MOPB-24 by Stefan Esser)
+  (Ilia)
 
 03 May 2007, PHP 5.2.2
 - Improved bundled GD
index 67e6d8de36e9f0907bfca7457273159858df3534..f54a83389dfb0cf136c00ea3f64bb770eca0668d 100644 (file)
@@ -469,7 +469,7 @@ void php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
 void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
 {
        /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */
-       const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/";
+       const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D";
 
        pcre       *re = NULL;
        pcre_extra *pcre_extra = NULL;
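Review bot: The only change on the new regexp line is the trailing `D` modifier, and nothing in the hunk says why it is there; since the pattern is credited to an external source (the HTML_QuickForm URL in the comment above it), a later resync with upstream could silently drop the flag and reintroduce the bug. A comment next to the constant would pin the intent: `/* "D" (PCRE_DOLLAR_ENDONLY): without it "$" also matches before a trailing "\n", so "user@example.com\n" would validate */`. The flag only closes the trailing-newline case; an embedded NUL byte is covered only if the subject is passed to pcre_exec with its explicit length, which cannot be confirmed here because php_filter_validate_email's body continues past the end of the hunk.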
diff --git a/ext/filter/tests/PMOPB45.phpt b/ext/filter/tests/PMOPB45.phpt
new file mode 100644 (file)
index 0000000..532eb21
--- /dev/null
@@ -0,0 +1,11 @@
+--TEST--
+PMOPB-45-2007:PHP ext/filter Email Validation Vulnerability
+--SKIPIF--
+<?php if (!extension_loaded("filter")) die("skip"); ?>
+--FILE--
+<?php
+       $var = "test@example.com\n";
+       var_dump(filter_var($var, FILTER_VALIDATE_EMAIL));
+?>
+--EXPECT--     
+bool(false)
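Review bot: The new test pins only the rejection of the trailing newline and has no positive case, so it would also pass if the `D` modifier had broken ordinary validation outright; add `var_dump(filter_var("test@example.com", FILTER_VALIDATE_EMAIL));` with an expected `string(16) "test@example.com"` line so the fix is shown to be selective. The test name and filename refer to PMOPB-45 while the commit title and NEWS entry say MOPB-24; one of the two identifiers appears to be wrong and should be reconciled before release. The `--EXPECT--` section header also carries trailing whitespace that should be stripped.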