php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #75431 False negative filtering a string with short IPv4
Submitted: 2017-10-24 17:50 UTC Modified: 2017-10-24 22:40 UTC
From: skv at eml dot ru Assigned:
Status: Not a bug Package: Filter related
PHP Version: Irrelevant OS: linux (debian/ubuntu)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
49 - 5 = ?
Subscribe to this entry?

 
 [2017-10-24 17:50 UTC] skv at eml dot ru 
Description:
------------
---
From manual page: http://www.php.net/filter.filters.validate
---

The FILTER_VALIDATE_IP ignores short notations of IPv4 address (e.g. "127.1") and falsely reports them to not be valid IP Addresses.
It somehow manages to recognize short forms of IPv6 addresses though (e.g. "::1").

Btw, simple telnet manages to recognize 'em:
$ telnet 127.1 22
Trying 127.0.0.1...
Connected to 127.1.
Escape character is '^]'.
SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2

Test script:
---------------
#!/bin/bash

php -r 'var_dump( filter_var("127.1", FILTER_VALIDATE_IP) );'

Expected result:
----------------
string(5) "127.1"

Actual result:
--------------
bool(false)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-10-24 22:40 UTC] kalle@php.net
-Status: Open +Status: Not a bug
 [2017-10-24 22:40 UTC] kalle@php.net 
The ext/filter extension conforms RFC791 which does not specify any short notation. You may want to consider using the inet_*() family functions for non standardized conversions.

Thanks!
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 26 10:01:31 2024 UTC