2014-06-06 04:52:43 +00:00
|
|
|
From 20568e502814fffc41d91a22edaf75ff5ae19d5c Mon Sep 17 00:00:00 2001
|
|
|
|
From: Anatol Belski <ab@php.net>
|
|
|
|
Date: Tue, 3 Jun 2014 20:43:58 +0200
|
|
|
|
Subject: [PATCH] Fixed regression introduced by patch for bug #67072
|
|
|
|
|
|
|
|
This applies to 5.4 and 5.5 only as a legacy fix.
|
|
|
|
---
|
|
|
|
ext/standard/tests/serialize/005.phpt | 8 ++---
|
|
|
|
ext/standard/var_unserializer.c | 68 ++++++++++++++++++-----------------
|
|
|
|
ext/standard/var_unserializer.re | 6 +++-
|
|
|
|
3 files changed, 44 insertions(+), 38 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/ext/standard/tests/serialize/005.phpt b/ext/standard/tests/serialize/005.phpt
|
|
|
|
index 2df2701..07d47bd 100644
|
|
|
|
--- a/ext/standard/tests/serialize/005.phpt
|
|
|
|
+++ b/ext/standard/tests/serialize/005.phpt
|
|
|
|
@@ -156,11 +156,9 @@ object(TestNAOld)#%d (0) {
|
|
|
|
}
|
|
|
|
===NANew===
|
|
|
|
unserializer(TestNANew)
|
|
|
|
-
|
|
|
|
-Warning: Erroneous data format for unserializing 'TestNANew' in %s005.php on line %d
|
|
|
|
-
|
|
|
|
-Notice: unserialize(): Error at offset 19 of 20 bytes in %s005.php on line %d
|
|
|
|
-bool(false)
|
|
|
|
+TestNew::__wakeup()
|
|
|
|
+object(TestNANew)#1 (0) {
|
|
|
|
+}
|
|
|
|
===NANew2===
|
|
|
|
unserializer(TestNANew2)
|
|
|
|
TestNew::unserialize()
|
2014-06-03 12:12:58 +00:00
|
|
|
diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c
|
2014-06-06 04:52:43 +00:00
|
|
|
index 003bac9..29d2e0f 100644
|
2014-06-03 12:12:58 +00:00
|
|
|
--- a/ext/standard/var_unserializer.c
|
|
|
|
+++ b/ext/standard/var_unserializer.c
|
2014-06-06 04:52:43 +00:00
|
|
|
@@ -396,7 +396,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
|
2014-06-03 12:12:58 +00:00
|
|
|
|
|
|
|
(*p) += 2;
|
|
|
|
|
|
|
|
- if (ce->serialize == NULL) {
|
2014-06-06 04:52:43 +00:00
|
|
|
+ /* The internal class check here is a BC fix only, userspace classes implementing the
|
|
|
|
+ Serializable interface have eventually an inconsistent behavior at this place when
|
|
|
|
+ unserialized from a manipulated string. Additionaly the interal classes can possibly
|
|
|
|
+ crash PHP so they're still disabled here. */
|
2014-06-03 12:12:58 +00:00
|
|
|
+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) {
|
|
|
|
object_init_ex(*rval, ce);
|
|
|
|
} else {
|
|
|
|
/* If this class implements Serializable, it should not land here but in object_custom(). The passed string
|
|
|
|
diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re
|
2014-06-06 04:52:43 +00:00
|
|
|
index b3f5d29..cd4d53b 100644
|
2014-06-03 12:12:58 +00:00
|
|
|
--- a/ext/standard/var_unserializer.re
|
|
|
|
+++ b/ext/standard/var_unserializer.re
|
2014-06-06 04:52:43 +00:00
|
|
|
@@ -400,7 +400,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
|
2014-06-03 12:12:58 +00:00
|
|
|
|
|
|
|
(*p) += 2;
|
|
|
|
|
|
|
|
- if (ce->serialize == NULL) {
|
2014-06-06 04:52:43 +00:00
|
|
|
+ /* The internal class check here is a BC fix only, userspace classes implementing the
|
|
|
|
+ Serializable interface have eventually an inconsistent behavior at this place when
|
|
|
|
+ unserialized from a manipulated string. Additionaly the interal classes can possibly
|
|
|
|
+ crash PHP so they're still disabled here. */
|
2014-06-03 12:12:58 +00:00
|
|
|
+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) {
|
|
|
|
object_init_ex(*rval, ce);
|
|
|
|
} else {
|
|
|
|
/* If this class implements Serializable, it should not land here but in object_custom(). The passed string
|
2014-06-06 04:52:43 +00:00
|
|
|
--
|
|
|
|
1.9.2
|
|
|
|
|