From d822e41538d55c4f78092160f1e8c51fc8858f42 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Thu, 8 Sep 2022 10:19:33 +0200
Subject: [PATCH] [Uid] Fix validating UUID variant bits

---
 src/Symfony/Component/Uid/Tests/UuidTest.php | 26 ++++++++++++++++++++
 src/Symfony/Component/Uid/Ulid.php           |  4 +--
 src/Symfony/Component/Uid/Uuid.php           | 22 +++++++++++------
 src/Symfony/Component/Uid/UuidV1.php         |  2 +-
 src/Symfony/Component/Uid/UuidV3.php         |  5 ++++
 src/Symfony/Component/Uid/UuidV4.php         |  2 +-
 src/Symfony/Component/Uid/UuidV5.php         |  5 ++++
 src/Symfony/Component/Uid/UuidV6.php         |  2 +-
 8 files changed, 55 insertions(+), 13 deletions(-)

diff --git a/src/Symfony/Component/Uid/Tests/UuidTest.php b/src/Symfony/Component/Uid/Tests/UuidTest.php
index dad559f5a31ce..3e3c36c02ab03 100644
--- a/src/Symfony/Component/Uid/Tests/UuidTest.php
+++ b/src/Symfony/Component/Uid/Tests/UuidTest.php
@@ -44,6 +44,32 @@ public function provideInvalidUuids(): iterable
         yield ['these are just thirty-six characters'];
     }
 
+    /**
+     * @dataProvider provideInvalidVariant
+     */
+    public function testInvalidVariant(string $uuid)
+    {
+        $uuid = new Uuid($uuid);
+        $this->assertFalse(Uuid::isValid($uuid));
+
+        $uuid = (string) $uuid;
+        $class = Uuid::class.'V'.$uuid[14];
+
+        $this->expectException(\InvalidArgumentException::class);
+        $this->expectExceptionMessage('Invalid UUIDv'.$uuid[14].': "'.$uuid.'".');
+
+        new $class($uuid);
+    }
+
+    public function provideInvalidVariant(): iterable
+    {
+        yield ['8dac64d3-937a-1e7c-fa1d-d5d6c06a61f5'];
+        yield ['8dac64d3-937a-3e7c-fa1d-d5d6c06a61f5'];
+        yield ['8dac64d3-937a-4e7c-fa1d-d5d6c06a61f5'];
+        yield ['8dac64d3-937a-5e7c-fa1d-d5d6c06a61f5'];
+        yield ['8dac64d3-937a-6e7c-fa1d-d5d6c06a61f5'];
+    }
+
     public function testConstructorWithValidUuid()
     {
         $uuid = new UuidV4(self::A_UUID_V4);
diff --git a/src/Symfony/Component/Uid/Ulid.php b/src/Symfony/Component/Uid/Ulid.php
index 0ed0673ee3183..a23481612745e 100644
--- a/src/Symfony/Component/Uid/Ulid.php
+++ b/src/Symfony/Component/Uid/Ulid.php
@@ -64,8 +64,8 @@ public static function isValid(string $ulid): bool
      */
     public static function fromString(string $ulid): parent
     {
-        if (36 === \strlen($ulid) && Uuid::isValid($ulid)) {
-            $ulid = (new Uuid($ulid))->toBinary();
+        if (36 === \strlen($ulid) && preg_match('{^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$}Di', $ulid)) {
+            $ulid = uuid_parse($ulid);
         } elseif (22 === \strlen($ulid) && 22 === strspn($ulid, BinaryUtil::BASE58[''])) {
             $ulid = str_pad(BinaryUtil::fromBase($ulid, BinaryUtil::BASE58), 16, "\0", \STR_PAD_LEFT);
         }
diff --git a/src/Symfony/Component/Uid/Uuid.php b/src/Symfony/Component/Uid/Uuid.php
index 58c2871c49665..a68c5092f09de 100644
--- a/src/Symfony/Component/Uid/Uuid.php
+++ b/src/Symfony/Component/Uid/Uuid.php
@@ -26,7 +26,7 @@ class Uuid extends AbstractUid
     protected const TYPE = 0;
     protected const NIL = '00000000-0000-0000-0000-000000000000';
 
-    public function __construct(string $uuid)
+    public function __construct(string $uuid, bool $checkVariant = false)
     {
         $type = preg_match('{^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$}Di', $uuid) ? (int) $uuid[14] : false;
 
@@ -35,6 +35,10 @@ public function __construct(string $uuid)
         }
 
         $this->uid = strtolower($uuid);
+
+        if ($checkVariant && !\in_array($this->uid[19], ['8', '9', 'a', 'b'], true)) {
+            throw new \InvalidArgumentException(sprintf('Invalid UUID%s: "%s".', static::TYPE ? 'v'.static::TYPE : '', $uuid));
+        }
     }
 
     /**
@@ -67,12 +71,14 @@ public static function fromString(string $uuid): parent
             return new NilUuid();
         }
 
-        switch ($uuid[14]) {
-            case UuidV1::TYPE: return new UuidV1($uuid);
-            case UuidV3::TYPE: return new UuidV3($uuid);
-            case UuidV4::TYPE: return new UuidV4($uuid);
-            case UuidV5::TYPE: return new UuidV5($uuid);
-            case UuidV6::TYPE: return new UuidV6($uuid);
+        if (\in_array($uuid[19], ['8', '9', 'a', 'b', 'A', 'B'], true)) {
+            switch ($uuid[14]) {
+                case UuidV1::TYPE: return new UuidV1($uuid);
+                case UuidV3::TYPE: return new UuidV3($uuid);
+                case UuidV4::TYPE: return new UuidV4($uuid);
+                case UuidV5::TYPE: return new UuidV5($uuid);
+                case UuidV6::TYPE: return new UuidV6($uuid);
+            }
         }
 
         return new self($uuid);
@@ -111,7 +117,7 @@ final public static function v6(): UuidV6
 
     public static function isValid(string $uuid): bool
     {
-        if (!preg_match('{^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$}Di', $uuid)) {
+        if (!preg_match('{^[0-9a-f]{8}(?:-[0-9a-f]{4}){2}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$}Di', $uuid)) {
             return false;
         }
 
diff --git a/src/Symfony/Component/Uid/UuidV1.php b/src/Symfony/Component/Uid/UuidV1.php
index 7c1fceb9065e8..3b8cd5e3fc87a 100644
--- a/src/Symfony/Component/Uid/UuidV1.php
+++ b/src/Symfony/Component/Uid/UuidV1.php
@@ -27,7 +27,7 @@ public function __construct(string $uuid = null)
         if (null === $uuid) {
             $this->uid = uuid_create(static::TYPE);
         } else {
-            parent::__construct($uuid);
+            parent::__construct($uuid, true);
         }
     }
 
diff --git a/src/Symfony/Component/Uid/UuidV3.php b/src/Symfony/Component/Uid/UuidV3.php
index f89f2d7bb313b..cc9f016b47192 100644
--- a/src/Symfony/Component/Uid/UuidV3.php
+++ b/src/Symfony/Component/Uid/UuidV3.php
@@ -21,4 +21,9 @@
 class UuidV3 extends Uuid
 {
     protected const TYPE = 3;
+
+    public function __construct(string $uuid)
+    {
+        parent::__construct($uuid, true);
+    }
 }
diff --git a/src/Symfony/Component/Uid/UuidV4.php b/src/Symfony/Component/Uid/UuidV4.php
index 897e1ba627213..9724b67de2c59 100644
--- a/src/Symfony/Component/Uid/UuidV4.php
+++ b/src/Symfony/Component/Uid/UuidV4.php
@@ -30,7 +30,7 @@ public function __construct(string $uuid = null)
 
             $this->uid = substr($uuid, 0, 8).'-'.substr($uuid, 8, 4).'-'.substr($uuid, 12, 4).'-'.substr($uuid, 16, 4).'-'.substr($uuid, 20, 12);
         } else {
-            parent::__construct($uuid);
+            parent::__construct($uuid, true);
         }
     }
 }
diff --git a/src/Symfony/Component/Uid/UuidV5.php b/src/Symfony/Component/Uid/UuidV5.php
index f671f41250373..74ab133a296c8 100644
--- a/src/Symfony/Component/Uid/UuidV5.php
+++ b/src/Symfony/Component/Uid/UuidV5.php
@@ -21,4 +21,9 @@
 class UuidV5 extends Uuid
 {
     protected const TYPE = 5;
+
+    public function __construct(string $uuid)
+    {
+        parent::__construct($uuid, true);
+    }
 }
diff --git a/src/Symfony/Component/Uid/UuidV6.php b/src/Symfony/Component/Uid/UuidV6.php
index 5ba260e82a521..bf307ef41916a 100644
--- a/src/Symfony/Component/Uid/UuidV6.php
+++ b/src/Symfony/Component/Uid/UuidV6.php
@@ -29,7 +29,7 @@ public function __construct(string $uuid = null)
         if (null === $uuid) {
             $this->uid = static::generate();
         } else {
-            parent::__construct($uuid);
+            parent::__construct($uuid, true);
         }
     }
 

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/47518.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/47518.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/47518.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/47518.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>