Fixed InputFilterer unum and num throw exceptions when passed large numbers


Well-known member
Affected version
The current code for filtering unum and num will throw an exception when passed a sufficiently large number, as floatval will convert those to INF:

php > var_export(floatval('1e99999'));
php > var_export(floatval('-1e99999'));
php > var_export(strval(floatval('1e99999')) + 0);
PHP Warning:  Uncaught TypeError: Unsupported operand types: string + int in php shell code:1
Stack trace:
#0 {main}
  thrown in php shell code on line 1

Warning: Uncaught TypeError: Unsupported operand types: string + int in php shell code:1
Stack trace:
#0 {main}
  thrown in php shell code on line 1

This will result in an exception along the lines of the following:

TypeError: Unsupported operand types: string + int in src/XF/InputFilterer.php at line 209
XF\InputFilterer->cleanInternal() in src/addons/SV/StandardLib/XF/InputFilterer.php at line 113
SV\StandardLib\XF\InputFilterer->cleanInternal() in src/XF/InputFilterer.php at line 160
XF\InputFilterer->filter() in src/XF/Http/Request.php at line 778
XF\Http\Request->filter() in src/XF/Mvc/Controller.php at line 746
XF\Mvc\Controller->filter() in src/XF/Pub/Controller/Forum.php at line 41
XF\Pub\Controller\Forum->actionList() in src/XF/Mvc/Dispatcher.php at line 352
XF\Mvc\Dispatcher->dispatchClass() in src/XF/Mvc/Dispatcher.php at line 259
XF\Mvc\Dispatcher->dispatchFromMatch() in src/XF/Mvc/Dispatcher.php at line 115
XF\Mvc\Dispatcher->dispatchLoop() in src/XF/Mvc/Dispatcher.php at line 57
XF\Mvc\Dispatcher->run() in src/XF/App.php at line 2352
XF\App->run() in src/XF.php at line 524
XF::runApp() in index.php at line 20

To quickly generate this exception, I added the following line to the top of \XF\Pub\Controller\Forum::actionList and visited /?a=1e99999999:

$this->filter('a', 'unum');
On second thought, int and uint won’t crash; they will return clamped values with numbers that require more than 64 bits to represent, but I think that’s fine.

A few other scenarios that look like they’ll result in related issues:

  • float and ufloat can return values such as INF, which may be undesirable.
  • On 64-bit systems, large integers—those requiring more than 53 bits—won’t parse correctly with num and unum. They will keep the integer type but will have their least significant digits changed. I can’t imagine a situation in which this actually matters, but I figured I’d mention it.
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.13).

Change log:
Clamp input filterer float values
There may be a delay before changes are rolled out to the XenForo Community.
Top Bottom