THRIFT-5587: Add UUID validation for PHP

Validate UUID format on write (all protocols) and on read (JSON protocol)
using the canonical regex pattern. Throws TProtocolException on invalid input.

Author: sveneld

lib/php/lib/Protocol/TBinaryProtocol.php

@@ -222,6 +222,7 @@ public function writeString($value)
 
     public function writeUuid($uuid)
     {
+        self::validateUuid($uuid);
         $data = hex2bin(str_replace('-', '', $uuid));
         $this->trans_->write($data, 16);
 

lib/php/lib/Protocol/TCompactProtocol.php

@@ -375,6 +375,7 @@ public function writeString($value)
 
     public function writeUuid($uuid)
     {
+        self::validateUuid($uuid);
         $data = hex2bin(str_replace('-', '', $uuid));
         $this->trans_->write($data, 16);
 

lib/php/lib/Protocol/TJSONProtocol.php

@@ -582,6 +582,7 @@ public function writeString($str)
 
     public function writeUuid($uuid)
     {
+        self::validateUuid($uuid);
         $this->writeJSONString($uuid);
     }
 
@@ -745,6 +746,7 @@ public function readString(&$str)
     public function readUuid(&$uuid)
     {
         $uuid = $this->readJSONString(false);
+        self::validateUuid($uuid);
 
         return true;
     }

lib/php/lib/Protocol/TProtocol.php

@@ -131,6 +131,13 @@ abstract public function writeString($str);
 
     abstract public function writeUuid($uuid);
 
+    protected static function validateUuid($uuid)
+    {
+        if (!is_string($uuid) || !preg_match('/^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/', $uuid)) {
+            throw new TProtocolException('Invalid UUID format', TProtocolException::INVALID_DATA);
+        }
+    }
+
     /**
      * Reads the message header
      *

lib/php/test/Unit/Lib/Protocol/TBinaryProtocolTest.php

@@ -443,6 +443,30 @@ public function testReadUuid()
         $this->assertEquals('01234567-89ab-cdef-0123-456789abcdef', $value);
     }
 
+    /**
+     * @dataProvider invalidUuidDataProvider
+     */
+    public function testWriteUuidValidation($invalidUuid)
+    {
+        $transport = $this->createMock(TTransport::class);
+        $protocol = new TBinaryProtocol($transport, false, false);
+
+        $this->expectException(\Thrift\Exception\TProtocolException::class);
+        $this->expectExceptionMessage('Invalid UUID format');
+        $protocol->writeUuid($invalidUuid);
+    }
+
+    public function invalidUuidDataProvider()
+    {
+        return [
+            'too short' => ['550e8400-e29b-41d4-a716'],
+            'no dashes' => ['550e8400e29b41d4a716446655440000'],
+            'invalid char' => ['550e8400-e29b-41d4-a716-44665544000g'],
+            'empty' => [''],
+            'not a string' => [12345],
+        ];
+    }
+
     /**
      * @dataProvider readMessageBeginDataProvider
      */

lib/php/test/Unit/Lib/Protocol/TCompactProtocolTest.php

@@ -824,6 +824,30 @@ public function testReadUuid()
         $this->assertSame('01234567-89ab-cdef-0123-456789abcdef', $value);
     }
 
+    /**
+     * @dataProvider invalidUuidDataProvider
+     */
+    public function testWriteUuidValidation($invalidUuid)
+    {
+        $transport = $this->createMock(TTransport::class);
+        $protocol = new TCompactProtocol($transport);
+
+        $this->expectException(\Thrift\Exception\TProtocolException::class);
+        $this->expectExceptionMessage('Invalid UUID format');
+        $protocol->writeUuid($invalidUuid);
+    }
+
+    public function invalidUuidDataProvider()
+    {
+        return [
+            'too short' => ['550e8400-e29b-41d4-a716'],
+            'no dashes' => ['550e8400e29b41d4a716446655440000'],
+            'invalid char' => ['550e8400-e29b-41d4-a716-44665544000g'],
+            'empty' => [''],
+            'not a string' => [12345],
+        ];
+    }
+
     /**
      * @dataProvider writeI64DataProvider
      */