php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46343 IPv6 address filter accepts invalid address
Submitted: 2008-10-20 11:10 UTC Modified: 2008-10-20 23:23 UTC
From: daan at react dot nl Assigned:
Status: Closed Package: Filter related
PHP Version: 5.2.6 OS: Debian
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: daan at react dot nl
New email:
PHP Version: OS:

 

 [2008-10-20 11:10 UTC] daan at react dot nl
Description:
------------
The IPv6 address filter in the filter extension accepts invalid IPv6 address notations: `:1:2:3:4:5:6:7` and `1:2:3:4:5:6:7:`.
Relevant RFC: http://tools.ietf.org/html/rfc4291#section-2.2

Reproduce code:
---------------
var_dump(filter_var(':1:2:3:4:5:6:7', FILTER_VALIDATE_IP, FILTER_FLAG_IPV6));

Expected result:
----------------
false

Actual result:
--------------
':1:2:3:4:5:6:7'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-10-20 11:55 UTC] daan at react dot nl
A little correction: `1:2:3:4:5:6:7:` is in fact reported correctly as being invalid. (so only `:1:2:3:4:5:6:7` is faulty)
 [2008-10-20 23:23 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Dec 03 17:01:29 2024 UTC