php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80584 "0x" and "0X" are considered valid hex numbers by filter_var()
Submitted: 2021-01-04 14:22 UTC Modified: -
From: girgias@php.net Assigned:
Status: Closed Package: filter (PECL)
PHP Version: 7.4.14RC1 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: girgias@php.net
New email:
PHP Version: OS:

 

 [2021-01-04 14:22 UTC] girgias@php.net
Description:
------------
The filter extension considers "0x" and "0X" valid hexadecimal numbers when passed through the FILTER_VALIDATE_INT filter with the FILTER_FLAG_ALLOW_HEX flag.

Test script:
---------------
https://3v4l.org/m1Pnc

<?php

var_dump(filter_var('0x', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('0X', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
var_dump(filter_var('0', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));

Expected result:
----------------
bool(false)
bool(false)
bool(false)
int(0)

Actual result:
--------------
int(0)
int(0)
bool(false)
int(0)

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-01-04 14:28 UTC] girgias@php.net
The following pull request has been associated:

Patch Name: Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()
On GitHub:  https://github.com/php/php-src/pull/6573
Patch:      https://github.com/php/php-src/pull/6573.patch
 [2021-01-04 17:09 UTC] girgias@php.net
Automatic comment on behalf of girgias
Revision: http://git.php.net/?p=php-src.git;a=commit;h=764b7bf1088af940f9de7aca13da8de56a63aa3f
Log: Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()
 [2021-01-04 17:09 UTC] girgias@php.net
-Status: Open +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Dec 11 22:01:27 2024 UTC