Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number).

author: Ilia Alshanetsky <iliaa@php.net> 2011-02-04 21:41:15 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2011-02-04 21:41:15 +0000
commit: 218448bfa07b05494efacc1f5983dde91e16c251 (patch)
tree: e71cc3cc32e56c7f9024759af9e61789f8334e48 /ext/standard/url.c
parent: 07fb5ca429427fdcd42bdcef6efc9ee602cd66ee (diff)
download: php-git-218448bfa07b05494efacc1f5983dde91e16c251.tar.gz
1 files changed, 14 insertions, 2 deletions
diff --git a/ext/standard/url.c b/ext/standard/url.c
index 2e29c9dd4d..00f5694e07 100644
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -180,15 +180,20 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
 		parse_port:
 		p = e + 1;
 		pp = p;
-		
+
 		while (pp-p < 6 && isdigit(*pp)) {
 			pp++;
 		}
-		
+
 		if (pp-p < 6 && (*pp == '/' || *pp == '\0')) {
 			memcpy(port_buf, p, (pp-p));
 			port_buf[pp-p] = '\0';
 			ret->port = atoi(port_buf);
+			if (!ret->port && (pp - p) > 0) {
+				STR_FREE(ret->scheme);
+				efree(ret);
+				return NULL;
+			}
 		} else {
 			goto just_path;
 		}
@@ -267,6 +272,13 @@ PHPAPI php_url *php_url_parse_ex(char const *str, int length)
 				memcpy(port_buf, p, (e-p));
 				port_buf[e-p] = '\0';
 				ret->port = atoi(port_buf);
+				if (!ret->port && (e - p)) {
+					STR_FREE(ret->scheme);
+					STR_FREE(ret->user);
+					STR_FREE(ret->pass);
+					efree(ret);
+					return NULL;
+				}
 			}
 			p--;
 		}
author	Ilia Alshanetsky <iliaa@php.net>	2011-02-04 21:41:15 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2011-02-04 21:41:15 +0000
commit	218448bfa07b05494efacc1f5983dde91e16c251 (patch)
tree	e71cc3cc32e56c7f9024759af9e61789f8334e48 /ext/standard/url.c
parent	07fb5ca429427fdcd42bdcef6efc9ee602cd66ee (diff)
download	php-git-218448bfa07b05494efacc1f5983dde91e16c251.tar.gz