PHP :: Request #62159 :: All ports greater than 65535 in parse

All ports greater than 65535 in parse_url

Submitted:

2012-05-25 15:18 UTC

Modified:

2012-05-29 12:07 UTC

Votes:	4
Avg. Score:	2.5 ± 0.9
Reproduced:	3 of 3 (100.0%)
Same Version:	2 (66.7%)
Same OS:	2 (66.7%)

From:

mfsole at hotmail dot com

Assigned:

Status:

Open

Package:

URL related

PHP Version:

5.3.13

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

[2012-05-25 15:18 UTC] mfsole at hotmail dot com

Description:
------------
Currently the parse_url function only recognizes ports from 0-65535. Firstly this 
isn't really documented on the site. Secondly, while it is true that valid port 
numbers for http requests are less than 65535 there are other types of URLs which 
have port numbers that can exceed that limit. This is very common in the SMS world 
as the port number is used to indicate short code. Here is an example:

ctpp://ericsson:78325/?carrier=31003&address=2125551212

I don't see any real benefit to limiting the port number, more over the function 
appears to arbitrarily rewrite the port number. So the above example gets reported 
as 12789.

Best case scenario would be to just allow numbers of any size. PHP is understood 
to be loosely type so enforcing type here is inconsistent. At the very least 
document the behavior on the site (I will add post to the function for others). 

Test script:
---------------
<?php
$url = 'ctpp://ericsson:78325/?carrier=31003&address=2125551212';
$parsedURL = parse_url($url);
var_dump($parsedURL);



Expected result:
----------------
array (size=5)
  'scheme' => string 'ctpp' (length=4)
  'host' => string 'ericsson' (length=8)
  'port' => int 78325
  'path' => string '/' (length=1)
  'query' => string 'carrier=31003&address=2125551212' (length=32)

Actual result:
--------------
array (size=5)
  'scheme' => string 'ctpp' (length=4)
  'host' => string 'ericsson' (length=8)
  'port' => int 12789
  'path' => string '/' (length=1)
  'query' => string 'carrier=31003&address=2125551212' (length=32)

Patches

Pull Requests

Pull requests:

Fix for bug 62159 (support larger port numbers in URL). (php-src/1915)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-05-25 19:29 UTC] riptide dot tempora at opinehub dot com

https://en.wikipedia.org/wiki/Goatse_Security#Browser_vulnerabilities <-- relevant

[2012-05-29 02:51 UTC] kriss at krizalys dot com

I have the same behavior with older PHP 5.3.5/Windows 7 x64

However, I noticed that PHP 5.3.13/Gentoo x86_64 is even more strict and returns FALSE (meaning "really bad-formed URL" according to the doc) for the given URL. The port is the reason of this failure because changing it to something in the range 0 - 65535 will return the expected information.

[2012-05-29 12:07 UTC] mfsole at hotmail dot com

Well returning false would be a better behavior than returning an arbitrary 
number. However I was forced to switch to the Pear package Net_URL2 which does not 
have this behavior.

Again, I need to stress that valid port numbers  are only relavant when making TCP 
requests (ssh, http, https, etc) but URLs are used for other things, like the 
examples I gave.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Oct 31 02:00:02 2025 UTC