svn commit: r1781670 - in /commons/proper/validator/trunk/src: changes/changes.xml main/java/org/apache/commons/validator/routines/UrlValidator.java test/java/org/apache/commons/validator/routines/UrlValidatorTest.java

Sat, 04 Feb 2017 06:01:39 -0800 

Author: sebb
Date: Sat Feb  4 14:01:24 2017
New Revision: 1781670

URL: http://svn.apache.org/viewvc?rev=1781670&view=rev
Log:
VALIDATOR-411 UrlValidator accepts ports above max limit of 16-bit unsigned 
integer

Modified:
    commons/proper/validator/trunk/src/changes/changes.xml
    
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
    
commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java

Modified: commons/proper/validator/trunk/src/changes/changes.xml
URL: 
http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/changes/changes.xml?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- commons/proper/validator/trunk/src/changes/changes.xml (original)
+++ commons/proper/validator/trunk/src/changes/changes.xml Sat Feb  4 14:01:24 
2017
@@ -90,6 +90,9 @@ The dependencies for Validator have not
 For the current list of dependencies, please see
 http://commons.apache.org/validator/dependencies.html
   ">
+    <action issue="VALIDATOR-411" type="fix" dev="sebb">
+    UrlValidator accepts ports above max limit of 16-bit unsigned integer
+    </action>
     <action type="update" dev="sebb">
     IANA TLD lists: Updated to Version 2017020400, Last Updated Sat Feb  4 
07:07:01 2017 UTC
     </action>

Modified: 
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
URL: 
http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- 
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
 (original)
+++ 
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java
 Sat Feb  4 14:01:24 2017
@@ -156,8 +156,7 @@ public class UrlValidator implements Ser
 
     private static final int PARSE_AUTHORITY_HOST_IP = 2; // excludes 
userinfo, if present
 
-    // Not needed, because it is validated by AUTHORITY_REGEX
-//    private static final int PARSE_AUTHORITY_PORT = 3;
+    private static final int PARSE_AUTHORITY_PORT = 3; // excludes leading 
colon
 
     /**
      * Should always be empty. The code currently allows spaces.
@@ -413,6 +412,17 @@ public class UrlValidator implements Ser
                     return false;
                 }
             }
+            String port = authorityMatcher.group(PARSE_AUTHORITY_PORT);
+            if (port != null && port.length() > 0) {
+               try {
+                       long iPort = Integer.parseInt(port);
+                       if (iPort < 0 || iPort > 0xFFFF) {
+                               return false;
+                       }
+               } catch (NumberFormatException nfe) {
+                       return false; // this can happen for big numbers
+               }
+            }
         }
 
         String extra = authorityMatcher.group(PARSE_AUTHORITY_EXTRA);

Modified: 
commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
URL: 
http://svn.apache.org/viewvc/commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java?rev=1781670&r1=1781669&r2=1781670&view=diff
==============================================================================
--- 
commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
 (original)
+++ 
commons/proper/validator/trunk/src/test/java/org/apache/commons/validator/routines/UrlValidatorTest.java
 Sat Feb  4 14:01:24 2017
@@ -322,6 +322,15 @@ protected void setUp() {
         assertTrue(urlValidator.isValid("http://example.rocks";));
     }
 
+    public void testValidator411(){
+        UrlValidator urlValidator = new UrlValidator();
+        assertTrue(urlValidator.isValid("http://example.rocks:/";));
+        assertTrue(urlValidator.isValid("http://example.rocks:0/";));
+        assertTrue(urlValidator.isValid("http://example.rocks:65535/";));
+        assertFalse(urlValidator.isValid("http://example.rocks:65536/";));
+        assertFalse(urlValidator.isValid("http://example.rocks:100000/";));
+    }
+
     static boolean incrementTestPartsIndex(int[] testPartsIndex, Object[] 
testParts) {
       boolean carry = true;  //add 1 to lowest order part.
       boolean maxIndex = true;
@@ -533,11 +542,12 @@ protected void setUp() {
                                   new ResultPair("", false)
    };
    ResultPair[] testUrlPort = {new ResultPair(":80", true),
-                             new ResultPair(":65535", true),
+                             new ResultPair(":65535", true), // max possible
                              new ResultPair(":0", true),
                              new ResultPair("", true),
                              new ResultPair(":-1", false),
-                             new ResultPair(":65636", true),
+                             new ResultPair(":65636", false),
+                             new ResultPair(":999999999999999999", false),
                              new ResultPair(":65a", false)
    };
    ResultPair[] testPath = {new ResultPair("/test1", true),

Reply via email to