public function validateQuery($query = null)
{
if ($query === null)
{
$query = $this->_query;
}
// If query is empty, it is considered to be valid
if (strlen($query) === 0)
{
return true;
}
// Determine whether the query is well-formed
$pattern = '/^' . $this->_regex['uric'] . '*$/';
$status = @preg_match($pattern, $query);
if ($status === false)
{
throw new CException('Internal error: query validation failed');
}
return $status == 1;
}
preg_match in this function can crash PHP execution if URI is too long.
public function validateFragment($fragment = null)
{
if ($fragment === null)
{
$fragment = $this->_fragment;
}
// If fragment is empty, it is considered to be valid
if (strlen($fragment) === 0)
{
return true;
}
// Determine whether the fragment is well-formed
$pattern = '/^' . $this->_regex['uric'] . '*$/';
$status = @preg_match($pattern, $fragment);
if ($status === false)
{
throw new CException('Internal error: fragment validation failed');
}
return (boolean) $status;
}
EUriHttp
preg_match
in this function can crash PHP execution if URI is too long.Possible solution: ZF-10151: Improved notification in Http.php validateQuery() over preg_match crash caused by PHP backtracking bug
Probably same issue can appear: EUriHttp