If a colon occurs in a query string or fragment of a partial URL without
scheme, parse_url() tries to regard it as port separator. If up to 5 digits
follow and then a slash or the end of the string, parse_url() fails.
We're fixing this by checking whether the colon is part of the query string or
the fragment, under the assumption that question marks and hash signs are only
allowed as separators of query string and fragments, respectively, what is
guarenteed for URIs (RFC 3986), but not necessarily for URLs (RFC 1738) where
question marks are allowed for usernames and passwords.
Anyhow, this constitutes a minor BC, so the fix is applied to master only.
--- /dev/null
+--TEST--
+Bug #69976 (Unable to parse "all" urls with colon char)
+--FILE--
+<?php
+var_dump(parse_url("/busca/?fq=B:20001"));
+var_dump(parse_url("/busca/?fq=B:200013"));
+var_dump(parse_url("/busca/?fq=home:01234"));
+var_dump(parse_url("/busca/?fq=home:012345"));
+?>
+--EXPECT--
+array(2) {
+ ["path"]=>
+ string(7) "/busca/"
+ ["query"]=>
+ string(10) "fq=B:20001"
+}
+array(2) {
+ ["path"]=>
+ string(7) "/busca/"
+ ["query"]=>
+ string(11) "fq=B:200013"
+}
+array(2) {
+ ["path"]=>
+ string(7) "/busca/"
+ ["query"]=>
+ string(13) "fq=home:01234"
+}
+array(2) {
+ ["path"]=>
+ string(7) "/busca/"
+ ["query"]=>
+ string(14) "fq=home:012345"
+}
while (p < e) {
/* scheme = 1*[ lowalpha | digit | "+" | "-" | "." ] */
if (!isalpha(*p) && !isdigit(*p) && *p != '+' && *p != '.' && *p != '-') {
- if (e + 1 < ue) {
+ if (e + 1 < ue && e < s + strcspn(s, "?#")) {
goto parse_port;
} else {
goto just_path;
projects / php / commitdiff