mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-12-15 21:05:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large

Browse Source 
amount of data).
This commit is contained in:
Adam Harvey 2010-09-27 07:08:04 +00:00
parent 4839387edd
commit 2d4c7b4033
3 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@ -21,6 +21,8 @@
- Fixed possible crash in mssql_fetch_batch(). (Kalle)
- Fixed inconsistent backlog default value (-1) in FPM on many systems. (fat)
- Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data). (Adam)
- Fixed bug #52926 (zlib fopen wrapper does not use context). (Gustavo)
- Fixed bug #52891 (Wrong data inserted with mysqli/mysqlnd when using
mysqli_stmt_bind_param and value> PHP_INT_MAX). (Andrey)

5
ext/filter/logical_filters.c
View File

@ -531,6 +531,11 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
int matches;
/* The maximum length of an e-mail address is 320 octets, per RFC 2821. */
if (Z_STRLEN_P(value) > 320) {
RETURN_VALIDATION_FAILED
}
re = pcre_get_compiled_regex((char *)regexp, &pcre_extra, &preg_options TSRMLS_CC);
if (!re) {
RETURN_VALIDATION_FAILED

18
ext/filter/tests/bug52929.phpt Normal file
View File

@ -0,0 +1,18 @@
--TEST--
Bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data)
--SKIPIF--
<?php if (!extension_loaded("filter")) die("skip"); ?>
--FILE--
<?php
var_dump(filter_var('valid@email.address', FILTER_VALIDATE_EMAIL));
// Beyond the allowable limit for an e-mail address.
var_dump(filter_var('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.zz', FILTER_VALIDATE_EMAIL));
// An invalid address likely to crash PHP due to stack exhaustion if it goes to
// the validation regex.
var_dump(filter_var(str_repeat('x', 8000), FILTER_VALIDATE_EMAIL));
--EXPECT--
string(19) "valid@email.address"
bool(false)
bool(false)