1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
From 20568e502814fffc41d91a22edaf75ff5ae19d5c Mon Sep 17 00:00:00 2001
From: Anatol Belski <ab@php.net>
Date: Tue, 3 Jun 2014 20:43:58 +0200
Subject: [PATCH] Fixed regression introduced by patch for bug #67072
This applies to 5.4 and 5.5 only as a legacy fix.
---
ext/standard/tests/serialize/005.phpt | 8 ++---
ext/standard/var_unserializer.c | 68 ++++++++++++++++++-----------------
ext/standard/var_unserializer.re | 6 +++-
3 files changed, 44 insertions(+), 38 deletions(-)
diff --git a/ext/standard/tests/serialize/005.phpt b/ext/standard/tests/serialize/005.phpt
index 2df2701..07d47bd 100644
--- a/ext/standard/tests/serialize/005.phpt
+++ b/ext/standard/tests/serialize/005.phpt
@@ -156,11 +156,9 @@ object(TestNAOld)#%d (0) {
}
===NANew===
unserializer(TestNANew)
-
-Warning: Erroneous data format for unserializing 'TestNANew' in %s005.php on line %d
-
-Notice: unserialize(): Error at offset 19 of 20 bytes in %s005.php on line %d
-bool(false)
+TestNew::__wakeup()
+object(TestNANew)#1 (0) {
+}
===NANew2===
unserializer(TestNANew2)
TestNew::unserialize()
diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c
index 003bac9..29d2e0f 100644
--- a/ext/standard/var_unserializer.c
+++ b/ext/standard/var_unserializer.c
@@ -396,7 +396,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
(*p) += 2;
- if (ce->serialize == NULL) {
+ /* The internal class check here is a BC fix only, userspace classes implementing the
+ Serializable interface have eventually an inconsistent behavior at this place when
+ unserialized from a manipulated string. Additionaly the interal classes can possibly
+ crash PHP so they're still disabled here. */
+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) {
object_init_ex(*rval, ce);
} else {
/* If this class implements Serializable, it should not land here but in object_custom(). The passed string
diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re
index b3f5d29..cd4d53b 100644
--- a/ext/standard/var_unserializer.re
+++ b/ext/standard/var_unserializer.re
@@ -400,7 +400,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
(*p) += 2;
- if (ce->serialize == NULL) {
+ /* The internal class check here is a BC fix only, userspace classes implementing the
+ Serializable interface have eventually an inconsistent behavior at this place when
+ unserialized from a manipulated string. Additionaly the interal classes can possibly
+ crash PHP so they're still disabled here. */
+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) {
object_init_ex(*rval, ce);
} else {
/* If this class implements Serializable, it should not land here but in object_custom(). The passed string
--
1.9.2
|