You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by se...@apache.org on 2017/02/04 14:01:24 UTC
svn commit: r1781670 - in /commons/proper/validator/trunk/src:
changes/changes.xml
main/java/org/apache/commons/validator/routines/UrlValidator.java
test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
Author: sebb
Date: Sat Feb 4 14:01:24 2017
New Revision: 1781670
URL: http://svn.apache.org/viewvc?rev=1781670&view=rev
Log:
VALIDATOR-411 UrlValidator accepts ports above max limit of 16-bit unsigned integer
Modified:
commons/proper/validator/trunk/src/changes/changes.xml
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
Modified: commons/proper/validator/trunk/src/changes/changes.xml
URL: http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/changes/changes.xml?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- commons/proper/validator/trunk/src/changes/changes.xml (original)
+++ commons/proper/validator/trunk/src/changes/changes.xml Sat Feb 4 14:01:24 2017
@@ -90,6 +90,9 @@ The dependencies for Validator have not
For the current list of dependencies, please see
http://commons.apache.org/validator/dependencies.html
">
+ <action issue="VALIDATOR-411" type="fix" dev="sebb">
+ UrlValidator accepts ports above max limit of 16-bit unsigned integer
+ </action>
<action type="update" dev="sebb">
IANA TLD lists: Updated to Version 2017020400, Last Updated Sat Feb 4 07:07:01 2017 UTC
</action>
Modified: commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
URL: http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java (original)
+++ commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java Sat Feb 4 14:01:24 2017
@@ -156,8 +156,7 @@ public class UrlValidator implements Ser
private static final int PARSE_AUTHORITY_HOST_IP = 2; // excludes userinfo, if present
- // Not needed, because it is validated by AUTHORITY_REGEX
-// private static final int PARSE_AUTHORITY_PORT = 3;
+ private static final int PARSE_AUTHORITY_PORT = 3; // excludes leading colon
/**
* Should always be empty. The code currently allows spaces.
@@ -413,6 +412,17 @@ public class UrlValidator implements Ser
return false;
}
}
+ String port = authorityMatcher.group(PARSE_AUTHORITY_PORT);
+ if (port != null && port.length() > 0) {
+ try {
+ long iPort = Integer.parseInt(port);
+ if (iPort < 0 || iPort > 0xFFFF) {
+ return false;
+ }
+ } catch (NumberFormatException nfe) {
+ return false; // this can happen for big numbers
+ }
+ }
}
String extra = authorityMatcher.group(PARSE_AUTHORITY_EXTRA);
Modified: commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
URL: http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java (original)
+++ commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java Sat Feb 4 14:01:24 2017
@@ -322,6 +322,15 @@ protected void setUp() {
assertTrue(urlValidator.isValid("http://example.rocks"));
}
+ public void testValidator411(){
+ UrlValidator urlValidator = new UrlValidator();
+ assertTrue(urlValidator.isValid("http://example.rocks:/"));
+ assertTrue(urlValidator.isValid("http://example.rocks:0/"));
+ assertTrue(urlValidator.isValid("http://example.rocks:65535/"));
+ assertFalse(urlValidator.isValid("http://example.rocks:65536/"));
+ assertFalse(urlValidator.isValid("http://example.rocks:100000/"));
+ }
+
static boolean incrementTestPartsIndex(int[] testPartsIndex, Object[] testParts) {
boolean carry = true; //add 1 to lowest order part.
boolean maxIndex = true;
@@ -533,11 +542,12 @@ protected void setUp() {
new ResultPair("", false)
};
ResultPair[] testUrlPort = {new ResultPair(":80", true),
- new ResultPair(":65535", true),
+ new ResultPair(":65535", true), // max possible
new ResultPair(":0", true),
new ResultPair("", true),
new ResultPair(":-1", false),
- new ResultPair(":65636", true),
+ new ResultPair(":65636", false),
+ new ResultPair(":999999999999999999", false),
new ResultPair(":65a", false)
};
ResultPair[] testPath = {new ResultPair("/test1", true),