diff options
| author | Ilia Alshanetsky <iliaa@php.net> | 2005-11-30 18:10:19 +0000 |
|---|---|---|
| committer | Ilia Alshanetsky <iliaa@php.net> | 2005-11-30 18:10:19 +0000 |
| commit | c60079862b9fc5397be8f686186794ba5336b6bc (patch) | |
| tree | bb9e7cfd7a397bfd24045172f75a750ae016f29e | |
| parent | a8a55dc08671d01bc444005e0f443a134babc9c3 (diff) | |
| download | php-git-c60079862b9fc5397be8f686186794ba5336b6bc.tar.gz | |
Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys
properly).
| -rw-r--r-- | NEWS | 2 | ||||
| -rwxr-xr-x | ext/wddx/tests/bug35410.phpt | 71 | ||||
| -rw-r--r-- | ext/wddx/wddx.c | 4 |
3 files changed, 77 insertions, 0 deletions
@@ -25,6 +25,8 @@ PHP NEWS - Fixed bug #35422 (strtotime() does not parse times with UTC as timezone). (Ilia) - Fixed bug #35414 (strtotime() no longer works with ordinal suffix). (Ilia) +- Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys + properly). (Ilia) - Fixed bug #35409 (undefined reference to 'rl_completion_matches'). (Jani) - Fixed bug #35399 (Since fix of bug #35273 SOAP decoding of soapenc:base64binary fails). (Dmitry) diff --git a/ext/wddx/tests/bug35410.phpt b/ext/wddx/tests/bug35410.phpt new file mode 100755 index 0000000000..a14544d03c --- /dev/null +++ b/ext/wddx/tests/bug35410.phpt @@ -0,0 +1,71 @@ +--TEST-- +#35410 (wddx_deserialize() doesn't handle large ints as keys properly) +--FILE-- +<?php +$wddx = <<<WDX +<wddxpacket version="1.0"> +<header> +<comment>Content Configuration File</comment> +</header> +<data> +<struct> +<var name="content_queries"> +<struct> +<var name="content_113300831086270200"> +<struct> +<var name="113301888545229100"> +<struct> +<var name="max"> +<number>10</number> +</var> +<var name="cache"> +<number>4</number> +</var> +<var name="order"> +<struct> +<var name="content_113300831086270200"> +<struct> +<var name="CMS_BUILD"> +<string>desc</string> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</data> +</wddxpacket> +WDX; + +var_dump(wddx_deserialize($wddx)); +?> +--EXPECT-- +array(1) { + ["content_queries"]=> + array(1) { + ["content_113300831086270200"]=> + array(1) { + ["113301888545229100"]=> + array(3) { + ["max"]=> + int(10) + ["cache"]=> + int(4) + ["order"]=> + array(1) { + ["content_113300831086270200"]=> + array(1) { + ["CMS_BUILD"]=> + string(4) "desc" + } + } + } + } + } +} diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index 2c1dd1dff0..e6f993590c 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -1005,11 +1005,15 @@ static void php_wddx_pop_element(void *user_data, const XML_Char *name) switch (is_numeric_string(ent1->varname, strlen(ent1->varname), &l, &d, 0)) { case IS_DOUBLE: + if (d > INT_MAX) { + goto bigint; + } l = (long) d; case IS_LONG: zend_hash_index_update(target_hash, l, &ent1->data, sizeof(zval *), NULL); break; default: +bigint: zend_hash_update(target_hash,ent1->varname, strlen(ent1->varname)+1, &ent1->data, sizeof(zval *), NULL); } } |