[PHP-CVS] cvs: php-src(PHP_4_4) /ext/standard var_unserializer.re

2006-10-27 Thread Stefan Esser 
sesser  Fri Oct 27 08:33:55 2006 UTC

  Modified files:  (Branch: PHP_4_4)
/php-src/ext/standard   var_unserializer.re 
  Log:
  Do not allow more than 65500 references
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/var_unserializer.re?r1=1.11.4.16.2.4r2=1.11.4.16.2.5diff_format=u
Index: php-src/ext/standard/var_unserializer.re
diff -u php-src/ext/standard/var_unserializer.re:1.11.4.16.2.4 
php-src/ext/standard/var_unserializer.re:1.11.4.16.2.5
--- php-src/ext/standard/var_unserializer.re:1.11.4.16.2.4  Sun Jan  1 
13:46:58 2006
+++ php-src/ext/standard/var_unserializer.reFri Oct 27 08:33:55 2006
@@ -16,7 +16,7 @@
+--+
 */
 
-/* $Id: var_unserializer.re,v 1.11.4.16.2.4 2006/01/01 13:46:58 sniper Exp $ */
+/* $Id: var_unserializer.re,v 1.11.4.16.2.5 2006/10/27 08:33:55 sesser Exp $ */
 
 #include php.h
 #include ext/standard/php_var.h
@@ -353,6 +353,10 @@
if (id == -1 || var_access(var_hash, id, rval_ref) != SUCCESS) {
return 0;
}
+   
+   if ((*rval_ref)-refcount  65500) {
+   return 0;
+   }
 
if (*rval != NULL) {
zval_ptr_dtor(rval);
@@ -377,6 +381,10 @@

if (*rval == *rval_ref) return 0;
 
+   if ((*rval_ref)-refcount  65500) {
+   return 0;
+   }
+
if (*rval != NULL) {
zval_ptr_dtor(rval);
}

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_4_4) /ext/standard var_unserializer.re

2005-06-13 Thread Derick Rethans 
derick  Mon Jun 13 10:13:11 2005 EDT

  Modified files:  (Branch: PHP_4_4)
/php-src/ext/standard   var_unserializer.re 
  Log:
  - MFH: Fixed bug with unserialize() with exotic letters in class names
  
  
http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.re?r1=1.11.4.16r2=1.11.4.16.2.1ty=u
Index: php-src/ext/standard/var_unserializer.re
diff -u php-src/ext/standard/var_unserializer.re:1.11.4.16 
php-src/ext/standard/var_unserializer.re:1.11.4.16.2.1
--- php-src/ext/standard/var_unserializer.re:1.11.4.16  Wed Mar  9 21:00:17 2005
+++ php-src/ext/standard/var_unserializer.reMon Jun 13 10:13:11 2005
@@ -16,7 +16,7 @@
+--+
 */
 
-/* $Id: var_unserializer.re,v 1.11.4.16 2005/03/10 02:00:17 helly Exp $ */
+/* $Id: var_unserializer.re,v 1.11.4.16.2.1 2005/06/13 14:13:11 derick Exp $ */
 
 #include php.h
 #include ext/standard/php_var.h
@@ -528,7 +528,7 @@
class_name = str_tolower_copy((char *)emalloc(len+1), class_name, len);
class_name[len] = '\0';

-   len3 = strspn(class_name, 0123456789_abcdefghijklmnopqrstuvwxyz);
+   len3 = strspn(class_name, 
0123456789_abcdefghijklmnopqrstuvwxyz\177\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377);
if (len3 != len)
{
*p = YYCURSOR + len3 - len;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php