[PHP-CVS] cvs: php-src(PHP_4_4) /ext/standard var_unserializer.re
sesser Fri Oct 27 08:33:55 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/standard var_unserializer.re Log: Do not allow more than 65500 references http://cvs.php.net/viewvc.cgi/php-src/ext/standard/var_unserializer.re?r1=1.11.4.16.2.4r2=1.11.4.16.2.5diff_format=u Index: php-src/ext/standard/var_unserializer.re diff -u php-src/ext/standard/var_unserializer.re:1.11.4.16.2.4 php-src/ext/standard/var_unserializer.re:1.11.4.16.2.5 --- php-src/ext/standard/var_unserializer.re:1.11.4.16.2.4 Sun Jan 1 13:46:58 2006 +++ php-src/ext/standard/var_unserializer.reFri Oct 27 08:33:55 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: var_unserializer.re,v 1.11.4.16.2.4 2006/01/01 13:46:58 sniper Exp $ */ +/* $Id: var_unserializer.re,v 1.11.4.16.2.5 2006/10/27 08:33:55 sesser Exp $ */ #include php.h #include ext/standard/php_var.h @@ -353,6 +353,10 @@ if (id == -1 || var_access(var_hash, id, rval_ref) != SUCCESS) { return 0; } + + if ((*rval_ref)-refcount 65500) { + return 0; + } if (*rval != NULL) { zval_ptr_dtor(rval); @@ -377,6 +381,10 @@ if (*rval == *rval_ref) return 0; + if ((*rval_ref)-refcount 65500) { + return 0; + } + if (*rval != NULL) { zval_ptr_dtor(rval); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
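Review bot: The limit 65500 is a bare literal repeated in both added checks (the hunk at line 353 and the one at line 377), and nothing says which bound it protects or why it stops short of that bound. Presumably it keeps the reference these branches take afterwards (outside the hunks) from wrapping a 16-bit reference counter, which would let serialized input get a value released while it is still referenced; that reason belongs next to the check. I would define it once, e.g. `#define VAR_UNSERIALIZE_MAX_REFS 65500 /* headroom below the refcount field's maximum */`, and use the name in both places so the two branches cannot drift apart. The comparison operator is not legible in this rendering of the patch, so confirm it is `>` and that the headroom covers every increment made before the value is released. Both enclosing blocks begin and end outside the hunks.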
[PHP-CVS] cvs: php-src(PHP_4_4) /ext/standard var_unserializer.re
derick Mon Jun 13 10:13:11 2005 EDT Modified files: (Branch: PHP_4_4) /php-src/ext/standard var_unserializer.re Log: - MFH: Fixed bug with unserialize() with exotic letters in class names http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.re?r1=1.11.4.16r2=1.11.4.16.2.1ty=u Index: php-src/ext/standard/var_unserializer.re diff -u php-src/ext/standard/var_unserializer.re:1.11.4.16 php-src/ext/standard/var_unserializer.re:1.11.4.16.2.1 --- php-src/ext/standard/var_unserializer.re:1.11.4.16 Wed Mar 9 21:00:17 2005 +++ php-src/ext/standard/var_unserializer.reMon Jun 13 10:13:11 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: var_unserializer.re,v 1.11.4.16 2005/03/10 02:00:17 helly Exp $ */ +/* $Id: var_unserializer.re,v 1.11.4.16.2.1 2005/06/13 14:13:11 derick Exp $ */ #include php.h #include ext/standard/php_var.h @@ -528,7 +528,7 @@ class_name = str_tolower_copy((char *)emalloc(len+1), class_name, len); class_name[len] = '\0'; - len3 = strspn(class_name, 0123456789_abcdefghijklmnopqrstuvwxyz); + len3 = strspn(class_name, 0123456789_abcdefghijklmnopqrstuvwxyz\177\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377); if (len3 != len) { *p = YYCURSOR + len3 - len; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
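Review bot: The accept set passed to `strspn` at line 528 is now a hand-written run of 129 octal escapes (`\177` through `\377`), which cannot be verified by eye. A single missing or duplicated escape would silently change which class names taken from serialized input pass the `len3 != len` check. State the intent in a comment above the call, e.g. `/* class-name bytes after lower-casing: 0-9, _, a-z, 0x7f-0xff */`, and say whether including `\177` (DEL) is deliberate; presumably it mirrors the scanner's label rule. A short loop testing those ranges on `unsigned char` would be easier to audit than the literal. The function continues outside the hunk, so how `class_name` is used after this check is not visible here.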