Backport fixes for comparison() and range() to 2.x

These fixes were released as a security update for 3.x, they also belong in 2.x
cakephp · Aug 7, 2015 · 9e979df · 9e979df
1 parent a657bf7
commit 9e979df
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 0 deletions.
diff --git a/lib/Cake/Test/Case/Utility/ValidationTest.php b/lib/Cake/Test/Case/Utility/ValidationTest.php
@@ -930,6 +930,25 @@ public function testComparison() {
 		$this->assertFalse(Validation::comparison(7, '==', 6));
 		$this->assertFalse(Validation::comparison(7, 'not equal', 7));
 		$this->assertFalse(Validation::comparison(7, '!=', 7));
+
+		$this->assertTrue(Validation::comparison('6.5', '!=', 6));
+		$this->assertTrue(Validation::comparison('6.5', '<', 7));
+	}
+
+/**
+ * Test comparison casting values before comparisons.
+ *
+ * @return void
+ */
+	public function testComparisonTypeChecks() {
+		$this->assertFalse(Validation::comparison('\x028', '>=', 1), 'hexish encoding fails');
+		$this->assertFalse(Validation::comparison('0b010', '>=', 1), 'binary string data fails');
+		$this->assertFalse(Validation::comparison('0x01', '>=', 1), 'hex string data fails');
+		$this->assertFalse(Validation::comparison('0x1', '>=', 1), 'hex string data fails');
+
+		$this->assertFalse(Validation::comparison('\x028', '>=', 1.5), 'hexish encoding fails');
+		$this->assertFalse(Validation::comparison('0b010', '>=', 1.5), 'binary string data fails');
+		$this->assertFalse(Validation::comparison('0x02', '>=', 1.5), 'hex string data fails');
 	}
 
 /**
@@ -2004,6 +2023,22 @@ public function testRange() {
 		$this->assertFalse(Validation::range('word'));
 	}
 
+/**
+ * Test range type checks
+ *
+ * @return void
+ */
+	public function testRangeTypeChecks() {
+		$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
+		$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
+		$this->assertFalse(Validation::range('0x01', 1, 5), 'hex string data fails');
+		$this->assertFalse(Validation::range('0x1', 1, 5), 'hex string data fails');
+
+		$this->assertFalse(Validation::range('\x028', 1, 5), 'hexish encoding fails');
+		$this->assertFalse(Validation::range('0b010', 1, 5), 'binary string data fails');
+		$this->assertFalse(Validation::range('0x02', 1, 5), 'hex string data fails');
+	}
+
 /**
  * testExtension method
  *

diff --git a/lib/Cake/Utility/Validation.php b/lib/Cake/Utility/Validation.php
@@ -229,6 +229,10 @@ public static function comparison($check1, $operator = null, $check2 = null) {
 		if (is_array($check1)) {
 			extract($check1, EXTR_OVERWRITE);
 		}
+
+		if ((float)$check1 != $check1) {
+			return false;
+		}
 		$operator = str_replace(array(' ', "\t", "\n", "\r", "\0", "\x0B"), '', strtolower($operator));
 
 		switch ($operator) {
@@ -744,6 +748,9 @@ public static function range($check, $lower = null, $upper = null) {
 		if (!is_numeric($check)) {
 			return false;
 		}
+		if ((float)$check != $check) {
+			return false;
+		}
 		if (isset($lower) && isset($upper)) {
 			return ($check > $lower && $check < $upper);
 		}