Bug #32127 is_numeric() not binary safe
Submitted: 2005-02-27 12:58 UTC Modified: 2005-04-14 09:44 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: M dot Kooiman at MAP-IS dot nl Assigned: derick (profile)
Status: Closed Package: Variables related
PHP Version: 4CVS, 5CVS (2005-02-27) OS: *
Private report: No CVE-ID: None
 [2005-02-27 12:58 UTC] M dot Kooiman at MAP-IS dot nl
Description:
------------
Hi,

It seems is_numeric() isn't binary safe. This, in itself, isn't a big problem, but it becomes a problem when is_numeric() is used for input (GET/POST) validation.

Reproduce code:
---------------
<?php

/*
 * I'm fully aware you should first sanitize the data before outputting. The following code
 * is just an example pointing out the problem. Also consider situations where
 * the result is trusted because of is_numeric() and then used in SQL queries.
 */

/* call this like: file.php?whatever=123%00<script>alert(document.cookie);</script>
*/

if (is_numeric($_GET['whatever']))
{
    /* Deliberately echoes the raw parameter to show the problem (see comment above). */
    echo "Whatever: {$_GET['whatever']}<br>";
} else {
    /* Double quotes here: the apostrophe in "isn't" would terminate a single-quoted string. */
    echo "The string isn't numeric.";
}

?>


Expected result:
----------------
is_numeric() should fail the string because it contains extra arbitrary data.


Actual result:
--------------
is_numeric() will validate a string that has a number + null char + arbitrary data as a valid number.
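The report above relies on is_numeric() alone to decide whether a GET parameter is safe to echo or to put into SQL. The following is an added example, not code from the bug report or from PHP itself, showing the defensive pattern a reviewer would ask for: validate the parameter with checks that are independent of is_numeric() (type, an explicit NUL-byte check, an anchored digits-only pattern), and then hand downstream code the resulting int rather than the raw string, so nothing that follows a NUL byte can ride along. The function name strict_int_param, the digit cap and the constructed inputs are assumptions of this example; the last input mirrors the payload shape given in the report.

```php
<?php
declare(strict_types=1);

/*
 * Added example (not part of the bug report). Returns the named query parameter
 * as an int, or null when it is anything other than a plain decimal integer.
 * Each check is independent of is_numeric(), so the outcome does not depend on
 * how that function treats embedded NUL bytes on a given PHP version.
 */
function strict_int_param(array $query, string $name): ?int
{
    if (!isset($query[$name]) || !is_string($query[$name])) {
        return null;                              // missing, or an array (whatever[]=...)
    }
    $raw = $query[$name];

    if (strpos($raw, "\0") !== false) {
        return null;                              // explicit NUL-byte rejection
    }

    // \A and \z anchor the whole string (no trailing-newline slack as with $).
    // The length cap is an assumed limit that keeps (int) well inside PHP_INT_MAX.
    if (preg_match('/\A[0-9]{1,10}\z/', $raw) !== 1) {
        return null;
    }

    return (int) $raw;                            // only this int reaches output or SQL
}

// Constructed inputs; the third has the shape of the report's 123%00<script>... payload.
$cases = [
    ['whatever' => '123'],
    ['whatever' => '12a'],
    ['whatever' => "123\0<script>alert(document.cookie);</script>"],
];

foreach ($cases as $q) {
    $raw = $q['whatever'];
    $n   = strict_int_param($q, 'whatever');

    // Show what is_numeric() itself says on this interpreter, next to the strict result.
    $shown = htmlspecialchars(str_replace("\0", '\\0', $raw), ENT_QUOTES, 'UTF-8');
    printf("input=%s is_numeric=%s strict=%s\n",
        $shown,
        var_export(is_numeric($raw), true),
        $n === null ? 'rejected' : 'accepted as ' . $n);

    // Even the accepted value is output-escaped; if it went to a database it would be
    // bound as a parameter (e.g. PDOStatement::bindValue with PDO::PARAM_INT), not interpolated.
    if ($n !== null) {
        echo 'Whatever: ' . htmlspecialchars((string) $n, ENT_QUOTES, 'UTF-8') . "<br>\n";
    }
}
```

Run it from the command line with `php file.php` to see, for each constructed input, the is_numeric() verdict of the installed PHP beside the strict verdict; only the first input is accepted by strict_int_param(), whatever is_numeric() reports for the third.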

 [2005-04-05 10:18 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip

I can't reproduce it with latest snapshots.
 [2005-04-13 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2005-04-14 09:44 UTC] M dot Kooiman at MAP-IS dot nl
Hello Tony,

I just tried with the most recent version that's available on my machine, Ubuntu Hoary Hedgehog: PHP 4.3.10(-10ubuntu4), and it seems that it's fixed in that as well, so I'm sure PHP5 is ok.

Mathieu
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jul 12 09:01:33 2025 UTC