Project

General

Profile

Actions

Bug #23648

closed

Mitigate libpcre recursion crash in email address validation

Added by Marcus Krause about 14 years ago. Updated about 14 years ago.

Status:
Closed
Priority:
Must have
Assignee:
Category:
-
Target version:
-
Start date:
2010-09-29
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.3
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

PHP's ext/filter causes a libpcre recursion crash in email address validation. This happens when a string to validate is of an unusual long length.

The report mentions a limit of 1000 characters on a FreeBSD system (PHP 5.2.14).

X-Reference: #2010092410000017
Reported by: Bjoern Pedersen

Confirmed by PHP Security Team. Claimed to be an expected behaviour.
(issue imported from #M15860)


Files

15860_4-4.diff (656 Bytes) 15860_4-4.diff Administrator Admin, 2010-09-29 20:02
15860_trunk.diff (656 Bytes) 15860_trunk.diff Administrator Admin, 2010-09-29 20:10
15860_4-3.diff (656 Bytes) 15860_4-3.diff Administrator Admin, 2010-09-29 20:18
15860_trunk_v1.diff (711 Bytes) 15860_trunk_v1.diff Administrator Admin, 2010-10-04 23:17
15860_4-4_v1.diff (711 Bytes) 15860_4-4_v1.diff Administrator Admin, 2010-10-04 23:30
15860_4-3_v1.diff (711 Bytes) 15860_4-3_v1.diff Administrator Admin, 2010-10-04 23:47

Related issues 1 (0 open1 closed)

Has duplicate TYPO3 Core - Bug #23769: Server crashes calling t3lib_div::validEmail() with a string which has more characters than 2264Closed2010-10-17

Actions
Actions

Also available in: Atom PDF