helly Mon Feb 14 16:03:12 2005 EDT
Modified files:
/php-src/ext/standard var_unserializer.c
Log:
- Disallow illegal class names (.c part)
http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.c?r1=1.52&r2=1.53&ty=u
Index: php-src/ext/standard/var_unserializer.c
diff -u php-src/ext/standard/var_unserializer.c:1.52
php-src/ext/standard/var_unserializer.c:1.53
--- php-src/ext/standard/var_unserializer.c:1.52 Sun Jan 30 11:38:53 2005
+++ php-src/ext/standard/var_unserializer.c Mon Feb 14 16:03:09 2005
@@ -1,5 +1,5 @@
-/* Generated by re2c 0.9.3 on Sun Jan 30 11:34:19 2005 */
-#line 1 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+/* Generated by re2c 0.9.4 on Mon Feb 14 21:57:21 2005 */
+#line 1 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
/*
+----------------------------------------------------------------------+
| PHP Version 5 |
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: var_unserializer.c,v 1.52 2005/01/30 16:38:53 iliaa Exp $ */
+/* $Id: var_unserializer.c,v 1.53 2005/02/14 21:03:09 helly Exp $ */
#include "php.h"
#include "ext/standard/php_var.h"
@@ -147,7 +147,7 @@
#define YYMARKER marker
-#line 154 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 154 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
@@ -406,7 +406,7 @@
goto yy16;
} else {
if(yych <= '}') goto yy14;
- if(yych <= '\277') goto yy16;
+ if(yych <= 0xBF) goto yy16;
goto yy2;
}
}
@@ -420,7 +420,7 @@
if(yych == ':') goto yy87;
goto yy4;
yy4:
-#line 574 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 581 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{ return 0; }
#line 102 "<stdout>"
yy5: yyaccept = 0;
@@ -461,7 +461,7 @@
yy14: ++YYCURSOR;
goto yy15;
yy15:
-#line 568 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 575 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
/* this is the case where we have less data than planned */
php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Unexpected end of
serialized data");
@@ -490,9 +490,9 @@
yy22: ++YYCURSOR;
goto yy23;
yy23:
-#line 475 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 475 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
- size_t len, len2, maxlen;
+ size_t len, len2, len3, maxlen;
int elements;
char *class_name;
zend_class_entry *ce;
@@ -525,6 +525,13 @@
return 0;
}
+ len3 = strspn(class_name,
"0123456789_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
+ if (len3 != len)
+ {
+ *p = YYCURSOR + len3 - len;
+ return 0;
+ }
+
class_name = estrndup(class_name, len);
do {
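Review bot: The added `strspn(class_name, ...)` call takes no length, so it stops only at the first byte outside the accept set; `class_name` still points into the serialized input here (the `estrndup` copy comes afterwards), which makes the check safe only if earlier code guarantees a delimiter at `class_name[len]`. That guarantee is not visible in this hunk, and the enclosing action starts and ends outside it. If it exists, record the dependency with a comment such as `/* strspn is bounded by the delimiter verified at class_name[len] above */`; otherwise scan exactly `len` bytes in a loop. The accept set also admits a leading digit and rejects bytes 0x7F-0xFF, which PHP identifiers normally allow, so it is worth confirming the set matches the engine's class-name rule. Because this file is re2c output, any follow-up belongs in var_unserializer.re with the .c regenerated.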
@@ -583,7 +590,7 @@
return object_common2(UNSERIALIZE_PASSTHRU, elements);
}
-#line 264 "<stdout>"
+#line 271 "<stdout>"
yy24: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy2;
@@ -612,7 +619,7 @@
yy29: ++YYCURSOR;
goto yy30;
yy30:
-#line 467 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 467 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
INIT_PZVAL(*rval);
@@ -620,7 +627,7 @@
return object_common2(UNSERIALIZE_PASSTHRU,
object_common1(UNSERIALIZE_PASSTHRU,
ZEND_STANDARD_CLASS_DEF_PTR));
}
-#line 302 "<stdout>"
+#line 309 "<stdout>"
yy31: yych = *++YYCURSOR;
if(yych == '+') goto yy32;
if(yych <= '/') goto yy2;
@@ -644,7 +651,7 @@
yy36: ++YYCURSOR;
goto yy37;
yy37:
-#line 449 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 449 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
int elements = parse_iv(start + 2);
@@ -662,7 +669,7 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
-#line 345 "<stdout>"
+#line 352 "<stdout>"
yy38: yych = *++YYCURSOR;
if(yych == '+') goto yy39;
if(yych <= '/') goto yy2;
@@ -686,7 +693,7 @@
yy43: ++YYCURSOR;
goto yy44;
yy44:
-#line 421 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 421 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
size_t len, maxlen;
char *str;
@@ -714,7 +721,7 @@
ZVAL_STRINGL(*rval, str, len, 1);
return 1;
}
-#line 398 "<stdout>"
+#line 405 "<stdout>"
yy45: yych = *++YYCURSOR;
if(yych <= '/'){
if(yych <= ','){
@@ -803,14 +810,14 @@
yy55: ++YYCURSOR;
goto yy56;
yy56:
-#line 414 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 414 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_DOUBLE(*rval, zend_strtod(start + 2, NULL));
return 1;
}
-#line 496 "<stdout>"
+#line 503 "<stdout>"
yy57: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy2;
@@ -870,7 +877,7 @@
yy66: ++YYCURSOR;
goto yy67;
yy67:
-#line 399 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 399 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
@@ -885,7 +892,7 @@
return 1;
}
-#line 573 "<stdout>"
+#line 580 "<stdout>"
yy68: yych = *++YYCURSOR;
if(yych == 'N') goto yy65;
goto yy2;
@@ -914,14 +921,14 @@
yy73: ++YYCURSOR;
goto yy74;
yy74:
-#line 392 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 392 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_LONG(*rval, parse_iv(start + 2));
return 1;
}
-#line 610 "<stdout>"
+#line 617 "<stdout>"
yy75: yych = *++YYCURSOR;
if(yych <= '/') goto yy2;
if(yych >= '2') goto yy2;
@@ -932,25 +939,25 @@
yy77: ++YYCURSOR;
goto yy78;
yy78:
-#line 385 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 385 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_BOOL(*rval, parse_iv(start + 2));
return 1;
}
-#line 628 "<stdout>"
+#line 635 "<stdout>"
yy79: ++YYCURSOR;
goto yy80;
yy80:
-#line 378 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 378 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_NULL(*rval);
return 1;
}
-#line 639 "<stdout>"
+#line 646 "<stdout>"
yy81: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy2;
@@ -976,7 +983,7 @@
yy85: ++YYCURSOR;
goto yy86;
yy86:
-#line 355 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 355 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
int id;
@@ -999,7 +1006,7 @@
return 1;
}
-#line 689 "<stdout>"
+#line 696 "<stdout>"
yy87: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy2;
@@ -1025,7 +1032,7 @@
yy91: ++YYCURSOR;
goto yy92;
yy92:
-#line 334 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 334 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
{
int id;
@@ -1046,9 +1053,9 @@
return 1;
}
-#line 737 "<stdout>"
+#line 744 "<stdout>"
}
-#line 576 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re"
+#line 583 "/usr/src/php-cvs/ext/standard/var_unserializer.re"
return 0;