https://bugzilla.redhat.com/show_bug.cgi?id=646684 http://svn.php.net/viewvc/?view=revision&revision=303779 --- php-5.3.3/ext/filter/logical_filters.c.cve3710 +++ php-5.3.3/ext/filter/logical_filters.c @@ -531,6 +531,11 @@ void php_filter_validate_email(PHP_INPUT int matches; + /* The maximum length of an e-mail address is 320 octets, per RFC 2821. */ + if (Z_STRLEN_P(value) > 320) { + RETURN_VALIDATION_FAILED + } + re = pcre_get_compiled_regex((char *)regexp, &pcre_extra, &preg_options TSRMLS_CC); if (!re) { RETURN_VALIDATION_FAILED --- php-5.3.3/ext/filter/tests/bug52929.phpt.cve3710 +++ php-5.3.3/ext/filter/tests/bug52929.phpt @@ -0,0 +1,18 @@ +--TEST-- +Bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) +--SKIPIF-- + +--FILE-- +