Fix bug #80584: 0x and 0X are considered valid hex numbers by filter_var()

Closes GH-6573
2025-08-16 05:58:45 +02:00 · 2021-01-04 15:24:53 +01:00 · 2021-01-04 15:24:53 +01:00 · 764b7bf108
commit 764b7bf108
parent 9f96b2bdc8
3 changed files with 25 additions and 0 deletions
--- a/4
+++ b/4
@ -14,6 +14,10 @@ PHP                                                                        NEWS
  . Fixed bug #80537 (Wrong parameter type in DOMElement::removeAttributeNode
    stub). (Nikita)

+- Filter:
+  . Fixed bug #80584 (0x and 0X are considered valid hex numbers by
+    filter_var()). (girgias)
+
 - MySQLi:
  . Fixed bug #67983 (mysqlnd with MYSQLI_OPT_INT_AND_FLOAT_NATIVE fails to
    interpret bit columns). (Nikita)
--- a/ext/filter/logical_filters.c
+++ b/ext/filter/logical_filters.c
@ -233,6 +233,9 @@ void php_filter_int(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
 		p++; len--;
 		if (allow_hex && (*p == 'x' || *p == 'X')) {
 			p++; len--;
+			if (len == 0) {
+				RETURN_VALIDATION_FAILED
+			}
 			if (php_filter_parse_hex(p, len, &ctx_value) < 0) {
 				error = 1;
 			}
--- a/ext/filter/tests/bug80584.phpt
+++ b/ext/filter/tests/bug80584.phpt
@ -0,0 +1,18 @@
+--TEST--
+Bug #80584: "0x" and "0X" are considered valid hex numbers by filter_var()
+--SKIPIF--
+<?php
+if (!extension_loaded('filter')) die('skip filter extension not available');
+?>
+--FILE--
+<?php
+var_dump(filter_var('0x', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
+var_dump(filter_var('0X', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
+var_dump(filter_var('', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
+var_dump(filter_var('0', FILTER_VALIDATE_INT, FILTER_FLAG_ALLOW_HEX));
+?>
+--EXPECT--
+bool(false)
+bool(false)
+bool(false)
+int(0)