From 27fb503751df8a0a892ee8272e94af4674338c0a Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Mon, 7 Sep 2009 02:35:25 +0000 Subject: [PATCH] Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). --- NEWS | 4 ++-- ext/filter/sanitizing_filters.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 2f06f752d2..0f4b9201a3 100644 --- a/NEWS +++ b/NEWS @@ -1,10 +1,10 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 0? Sep 2009, PHP 5.2.11 -- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo) +- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). - Fixed bug #49447 (php engine needs to correctly check for socket API return status on windows). (Sriram Natarajan) - +- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo) 03 Sep 2009, PHP 5.2.11RC2 - Added missing sanity checks around exif processing. (Ilia) diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c index 24eafd13da..cdfe08c29b 100644 --- a/ext/filter/sanitizing_filters.c +++ b/ext/filter/sanitizing_filters.c @@ -275,7 +275,7 @@ void php_filter_unsafe_raw(PHP_INPUT_FILTER_PARAM_DECL) void php_filter_email(PHP_INPUT_FILTER_PARAM_DECL) { /* Check section 6 of rfc 822 http://www.faqs.org/rfcs/rfc822.html */ - const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT "!#$%&'*+-/=?^_`{|}~@.[]"; + const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT "!#$%&'*+-=?^_`{|}~@.[]"; filter_map map; filter_map_init(&map); -- 2.50.1