Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10198

Function validate_config_vars() improperly validates multibyte strings

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.8, 3.0.9-RC1
    • Fix Version/s: 3.0.9-RC1
    • Component/s: ACP
    • Labels:
      None

      Description

      Function validate_config_vars() (adm/index.php) improperly validates multibyte strings.
      This leads to, for example, incorrect validation of site description length when, say, ~244 unicode characters are entered.
      The cause is use of strlen() instead of utf8_strlen() here:

      			case 'string':
      				$length = strlen($cfg_array[$config_name]);

        Activity

        Hide
        naderman Nils Adermann added a comment -

        Added the fix to validate_range too. Tests are going into 3.1. So don't close after merge.

        Show
        naderman Nils Adermann added a comment - Added the fix to validate_range too. Tests are going into 3.1. So don't close after merge.
        Hide
        naderman Nils Adermann added a comment -

        Fix has been merged, reopening to attach tests for 3.1.

        Show
        naderman Nils Adermann added a comment - Fix has been merged, reopening to attach tests for 3.1.

          People

          • Assignee:
            rxu Ruslan Uzdenov
            Reporter:
            rxu Ruslan Uzdenov
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development