php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80584 "0x" and "0X" are considered valid hex numbers by filter_var()
Submitted: 2021-01-04 14:22 UTC Modified: -
From: girgias@php.net Assigned:
Status: Closed Package: filter (PECL)
PHP Version: 7.4.14RC1 OS:
Private report: No CVE-ID: None
 [2021-01-04 14:22 UTC] girgias@php.net
Description:
------------
The filter extension considers "0x" and "0X" valid hexadecimal numbers when passed through the FILTER_VALIDATE_INT filter with the FILTER_FLAG_ALLOW_HEX flag.

Test script:
---------------
https://3v4l.org/m1Pnc

<?php

var_dump(filter_var('0x', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('0X', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('0', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));

Expected result:
----------------
bool(false)
bool(false)
bool(false)
int(0)

Actual result:
--------------
int(0)
int(0)
bool(false)
int(0)

Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-01-04 14:28 UTC] girgias@php.net
The following pull request has been associated:

Patch Name: Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()
On GitHub:  https://github.com/php/php-src/pull/6573
Patch:      https://github.com/php/php-src/pull/6573.patch
 [2021-01-04 17:09 UTC] girgias@php.net
Automatic comment on behalf of girgias
Revision: http://git.php.net/?p=php-src.git;a=commit;h=764b7bf1088af940f9de7aca13da8de56a63aa3f
Log: Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()
 [2021-01-04 17:09 UTC] girgias@php.net
-Status: Open +Status: Closed
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Feb 25 03:01:24 2021 UTC