Skip to content
This repository has been archived by the owner on May 16, 2018. It is now read-only.

Zend_Validate_Hostname: disallowed Unicode code point #322

Closed
kerwitz opened this issue Apr 3, 2014 · 11 comments · Fixed by #472
Closed

Zend_Validate_Hostname: disallowed Unicode code point #322

kerwitz opened this issue Apr 3, 2014 · 11 comments · Fixed by #472
Labels
bug Zend_Validate
Milestone
1.12.10

Comments

@kerwitz
Copy link

kerwitz commented Apr 3, 2014

Zend Version: 1.12 (also tested on 1.12.5)
PHP Version: 5.4.4-14+deb7u8 and upwards
Related to: http://www.framework.zend.com/issues/browse/ZF-12270

Description:

The hostname validator fails on line 615:

$status = @preg_match($regexChar, $domainPart);

with error:

PHP-Error E_WARNING:
preg_match(): Compilation failed: disallowed Unicode code point (>= 0xd800 && <= 0xdfff) at offset 9
on line 615

when trying to validate hostnames with three letter tlds (example input: test.com).

Workaround (Line 615):

- $status = @preg_match($regexChar, $domainPart);
+ // [fix] In PHP 5.4.4+ an empty $domainPart will
+ //       cause preg_match to throw a "disallowed
+ //       Unicode code point" error.
+ if ( empty( $domainPart ) ) continue;
+ // [/fix]
+ $status = @preg_match($regexChar, $domainPart);
@froschdesign
Copy link
Member

ping @mhujer

@mhujer
Copy link
Contributor

mhujer commented Nov 13, 2014

ok :-)

mhujer added a commit to mhujer/zf1 that referenced this issue Nov 28, 2014
@mhujer
Testcase for zendframework#322
f5769d3
mhujer added a commit to mhujer/zf1 that referenced this issue Nov 28, 2014
@mhujer
Testcase for zendframework#322
5dfb778
@mhujer mhujer mentioned this issue Nov 28, 2014
Merged
@mhujer
Copy link
Contributor

mhujer commented Nov 28, 2014

@froschdesign Seems that it is not failing on travis so it has been probably fixed in newer PCRE

@froschdesign froschdesign removed the bug label Nov 29, 2014
@froschdesign
Copy link
Member

Seems that it is not failing on travis so it has been probably fixed in newer PCRE

So I will close this issue.

@froschdesign
Copy link
Member

@mhujer
Thanks!

mhujer added a commit to mhujer/zf1 that referenced this issue Nov 29, 2014
@mhujer
Testcase for zendframework#322
f404e04
froschdesign added a commit that referenced this issue Nov 29, 2014
@froschdesign
Merge pull request #469 from mhujer/gh-322
007f538 
[Zend_Validate] Testcase for #322
@marc-mabe
Copy link
Member

Why this bug is closed? ZF1 should be compatible down to PHP-5.3.?. This bug exists with PHP-5.4.34 (default on current debian-7.7) and I don't know about some ZF restrictions to PCRE version.

Please reopen

@mhujer
Copy link
Contributor

mhujer commented Dec 5, 2014

@marc-mabe I couldn't confirm the issue (write a failing test). Can you please run the Zend/Validate/HostnameTest.php test and paste the output here?

@marc-mabe
Copy link
Member

@mhujer please remove the error suppression operator on preg_match in Zend/Validate/Hostname.php on line 1487

@froschdesign
Copy link
Member

@marc-mabe
You are right!
Any ideas for a solution?

(Btw. Thanks for the feedback.)

@froschdesign froschdesign reopened this Dec 5, 2014
@marc-mabe
Copy link
Member

With this operator all tests passes. I'm unsure what's wrong but I get the message sometimes on production servers and can't see currently the input domain.
So I don't know if the validating result is wrong but the error message and the suppression operator have to go

mhujer added a commit to mhujer/zf1 that referenced this issue Dec 5, 2014
@mhujer
Prevent the PCRE error: preg_match(): Compilation failed: disallowed …
91a54c9 
…Unicode code point (>= 0xd800 && <= 0xdfff)

- removed the testCom() test as it did not fail even when other tests were failing (the Unicode error is related to IDN domain, not to standard .com domain)
- Fixes zendframework#322
@mhujer mhujer mentioned this issue Dec 5, 2014
Merged
@mhujer
Copy link
Contributor

mhujer commented Dec 5, 2014

@marc-mabe It was related to some IDN domain - therefore the randomness (I suppose not many people use e-mail on IDN .com domain - it must cause them problems all over the internet)

see the #472 for possible fix

@froschdesign froschdesign added this to the 1.12.10 milestone Dec 6, 2014
This was referenced Dec 12, 2014
Closed
Closed
anupdugar added a commit to anupdugar/zf1 that referenced this issue Feb 6, 2015
@anupdugar
Merge tag 'release-1.12.10'
498ff6a 
Zend Framework 1.12.10

- [1: isLast not working as expected in Zend&zendframework#95;Service&zendframework#95;Amazon&zendframework#95;SimpleDb&zendframework#95;Page](zendframework#1)
- [8: Zend&zendframework#95;Loader&zendframework#95;ClassMapAutoloader is not auto included when using Zend&zendframework#95;Loader&zendframework#95;AutoloaderFactory::factory](zendframework#8)
- [15: Zend&zendframework#95;Db&zendframework#95;Table&zendframework#95;Abstract::delete does not delete from dependent table](zendframework#15)
- [32: Zend&zendframework#95;Soap&zendframework#95;Client has no 'exceptions' flag.](zendframework#32)
- [62: Zend&zendframework#95;Validate&zendframework#95;EmailAddress-&gt;&zendframework#95;validateMXRecords() fails on Umlaut-Domains](zendframework#62)
- [187: Zend&zendframework#95;Rest&zendframework#95;Server does not properly handle optional parameters when anonymous (arg1, etc) parameters are passed in](zendframework#187)
- [322: Zend&zendframework#95;Validate&zendframework#95;Hostname: disallowed Unicode code point](zendframework#322)
- [324: SlideShare API change some tag names.](zendframework#324)
- [345: CallbackHandler throws warning if WeakRef-extension not installed](zendframework#345)
- [377: Zend&zendframework#95;Console&zendframework#95;Getopt: Missing required parameter consumes next option as its parameter value](zendframework#377)
- [400: PHPUnit contraints: use real class names to help classmap generators](zendframework#400)
- [426: Use relative filenames for &zendframework#95;validIdns for direct include in Zend&zendframework#95;Validate&zendframework#95;Hostname](zendframework#426)
- [434: Corrected type of property &zendframework#95;currentRoute](zendframework#434)
- [440: Zend&zendframework#95;Controller&zendframework#95;Dispatcher&zendframework#95;Abstract::&zendframework#95;formatName() inconsistent with Action name handling](zendframework#440)
- [441: Loosen regex to allow nested function calls in SQL](zendframework#441)
- [444: Update Zend&zendframework#95;Validate&zendframework#95;Hostname TLDs list to 2014102301 version](zendframework#444)
- [446: fix typo unkown -&gt; unknown](zendframework#446)
- [448: fix travis ci build for php 5.2](zendframework#448)
- [449: Zend&zendframework#95;Date doesn't create correct date when seconds are missing from 8601 format](zendframework#449)
- [452: &quot;fluent&quot;, not &quot;fluid&quot;](zendframework#452)
- [453: Zend&zendframework#95;Cache&zendframework#95;Backend&zendframework#95;Memcached looks at &quot;bytes&quot;, but Couchbase 1.x returns &quot;mem&zendframework#95;used&quot;](zendframework#453)
- [456: Documentation of Zend&zendframework#95;Feed&zendframework#95;Pubsubhubbub&zendframework#95;Model&zendframework#95;ModelAbstract](zendframework#456)
- [458: Fixed bug in quoteInto with $count parameter and question sign in $value](zendframework#458)
- [461: CDATA section for category elements in RSS feed](zendframework#461)
- [465: Zend&zendframework#95;Currency creates invalid cache ids for values with fractions](zendframework#465)
- [467: debug&zendframework#95;backtrace() called twice when only once needed ](zendframework#467)
- [468: Zend&zendframework#95;Validate&zendframework#95;Hostname improvements](zendframework#468)
- [469: &zendframework#91;Zend&zendframework#95;Validate&zendframework#92; Testcase for zendframework#322](zendframework#469)
- [471: End of life for PHPUnit installation using pear](zendframework#471)
- [475: Zend Json Server Exception is missing the method name](zendframework#475)
- [478: Create .gitattributes to mirror archive { } in composer.json](zendframework#478)
- [480: Virtual machine doesn't install initial packages](zendframework#480)
- [483: Update copyright to 2015](zendframework#483)
- [484: Adds content headers on POST request in Zend&zendframework#95;Controller&zendframework#95;Request&zendframework#95;HTTP](zendframework#484)
- [487: Allow overriding cache id and tag validation in Zend&zendframework#95;Cache](zendframework#487)
- [488: Zend&zendframework#95;Dojo&zendframework#95;View&zendframework#95;Helper&zendframework#95;Dojo&zendframework#95;Container setCdnVersion error...](zendframework#488)
- [490: Added more specific return documentation for Zend&zendframework#95;Navigation Pages](zendframework#490)

# gpg verification failed.

Conflicts:
	README.md
	library/Zend/Application/Resource/Frontcontroller.php
	library/Zend/Application/Resource/Translate.php
	library/Zend/Barcode/Object/ObjectAbstract.php
	library/Zend/Controller/Router/Rewrite.php
	library/Zend/Db/Select.php
	library/Zend/EventManager/Filter/FilterIterator.php
	library/Zend/EventManager/GlobalEventManager.php
	library/Zend/Gdata/HttpAdapterStreamingProxy.php
	library/Zend/Mime/Part.php
	library/Zend/Mobile/Push/Message/Abstract.php
	library/Zend/Rest/Server.php
	library/Zend/Service/Rackspace/Files.php
	library/Zend/Service/SlideShare.php
	library/Zend/Test/PHPUnit/ControllerTestCase.php
	library/Zend/Validate/Hostname.php
	library/Zend/Version.php
dgiotas pushed a commit to tripsta/zf1 that referenced this issue Jun 17, 2016
@mhujer
Testcase for zendframework#322
e278a9e
dgiotas pushed a commit to tripsta/zf1 that referenced this issue Jun 17, 2016
@mhujer
Prevent the PCRE error: preg_match(): Compilation failed: disallowed …
c052452 
…Unicode code point (>= 0xd800 && <= 0xdfff)

- removed the testCom() test as it did not fail even when other tests were failing (the Unicode error is related to IDN domain, not to standard .com domain)
- Fixes zendframework#322
antonis179 pushed a commit to tripsta/zf1 that referenced this issue Jan 11, 2018
@mhujer
Testcase for zendframework#322
00e9604
antonis179 pushed a commit to tripsta/zf1 that referenced this issue Jan 11, 2018
@mhujer
Prevent the PCRE error: preg_match(): Compilation failed: disallowed …
177df71 
…Unicode code point (>= 0xd800 && <= 0xdfff)

- removed the testCom() test as it did not fail even when other tests were failing (the Unicode error is related to IDN domain, not to standard .com domain)
- Fixes zendframework#322
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Zend_Validate
Projects
None yet
Milestone
1.12.10
4 participants
@froschdesign @kerwitz @marc-mabe @mhujer