From 764b7bf1088af940f9de7aca13da8de56a63aa3f Mon Sep 17 00:00:00 2001 From: George Peter Banyard Date: Mon, 4 Jan 2021 15:24:53 +0100 Subject: [PATCH] Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var() Closes GH-6573 --- NEWS | 4 ++++ ext/filter/logical_filters.c | 3 +++ ext/filter/tests/bug80584.phpt | 18 ++++++++++++++++++ 3 files changed, 25 insertions(+) create mode 100644 ext/filter/tests/bug80584.phpt diff --git a/NEWS b/NEWS index 57572a1417..e356a0331a 100644 --- a/NEWS +++ b/NEWS @@ -14,6 +14,10 @@ PHP NEWS . Fixed bug #80537 (Wrong parameter type in DOMElement::removeAttributeNode stub). (Nikita) +- Filter: + . Fixed bug #80584 (0x and 0X are considered valid hex numbers by + filter_var()). (girgias) + - MySQLi: . Fixed bug #67983 (mysqlnd with MYSQLI_OPT_INT_AND_FLOAT_NATIVE fails to interpret bit columns). (Nikita) diff --git a/ext/filter/logical_filters.c b/ext/filter/logical_filters.c index a9fcc01d01..392156b539 100644 --- a/ext/filter/logical_filters.c +++ b/ext/filter/logical_filters.c @@ -233,6 +233,9 @@ void php_filter_int(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ p++; len--; if (allow_hex && (*p == 'x' || *p == 'X')) { p++; len--; + if (len == 0) { + RETURN_VALIDATION_FAILED + } if (php_filter_parse_hex(p, len, &ctx_value) < 0) { error = 1; } diff --git a/ext/filter/tests/bug80584.phpt b/ext/filter/tests/bug80584.phpt new file mode 100644 index 0000000000..ede6a4bcdc --- /dev/null +++ b/ext/filter/tests/bug80584.phpt @@ -0,0 +1,18 @@ +--TEST-- +Bug #80584: "0x" and "0X" are considered valid hex numbers by filter_var() +--SKIPIF-- + +--FILE-- + +--EXPECT-- +bool(false) +bool(false) +bool(false) +int(0) -- 2.50.1
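Review bot: The new `len == 0` guard in php_filter_int exits through `RETURN_VALIDATION_FAILED` directly, while the failure path on the next lines only records `error = 1` and leaves the exit to code later in the function, which is outside this hunk. Folding the check into the existing condition, `if (len == 0 || php_filter_parse_hex(p, len, &ctx_value) < 0) {`, would keep a single rejection path, assuming `error` leads to the same validation failure further down. The underlying gap appears to be that `php_filter_parse_hex()` reports success for an empty digit run (its body is not shown here), so rejecting a zero length inside the parser would also cover any other caller it has or gains. Either way, a short comment such as `/* "0x" with no digits is not a number (bug #80584) */` would keep the guard from being removed as redundant, since a validator that turns malformed input into int 0 is easy to overlook when 0 is a meaningful value to the caller.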