diff options
author | Dmitry Stogov <dmitry@zend.com> | 2014-04-26 00:32:51 +0400 |
---|---|---|
committer | Dmitry Stogov <dmitry@zend.com> | 2014-04-26 00:32:51 +0400 |
commit | f9927a6c97208c60d922f9a4e98feb8079c57d1f (patch) | |
tree | 35815b69d1bf7d47fb41e857ff8d2b024ddac153 /ext/standard/var_unserializer.c | |
parent | 4e7cbf3f5842abe6688c11ce3cc11d2eabf0695f (diff) | |
parent | b82d077f988606580e5c06a9da18fe4f60ddb7cb (diff) | |
download | php-git-f9927a6c97208c60d922f9a4e98feb8079c57d1f.tar.gz |
Merge mainstream 'master' branch into refactoring
During merge I had to revert:
Nikita's patch for php_splice() (it probably needs to be applyed again)
Bob Weinand's patches related to constant expression handling (we need to review them carefully)
I also reverted all our attempts to support sapi/phpdbg (we didn't test it anyway)
Conflicts:
Zend/zend.h
Zend/zend_API.c
Zend/zend_ast.c
Zend/zend_compile.c
Zend/zend_compile.h
Zend/zend_constants.c
Zend/zend_exceptions.c
Zend/zend_execute.c
Zend/zend_execute.h
Zend/zend_execute_API.c
Zend/zend_hash.c
Zend/zend_highlight.c
Zend/zend_language_parser.y
Zend/zend_language_scanner.c
Zend/zend_language_scanner_defs.h
Zend/zend_variables.c
Zend/zend_vm_def.h
Zend/zend_vm_execute.h
ext/date/php_date.c
ext/dom/documenttype.c
ext/hash/hash.c
ext/iconv/iconv.c
ext/mbstring/tests/zend_multibyte-10.phpt
ext/mbstring/tests/zend_multibyte-11.phpt
ext/mbstring/tests/zend_multibyte-12.phpt
ext/mysql/php_mysql.c
ext/mysqli/mysqli.c
ext/mysqlnd/mysqlnd_reverse_api.c
ext/mysqlnd/php_mysqlnd.c
ext/opcache/ZendAccelerator.c
ext/opcache/zend_accelerator_util_funcs.c
ext/opcache/zend_persist.c
ext/opcache/zend_persist_calc.c
ext/pcre/php_pcre.c
ext/pdo/pdo_dbh.c
ext/pdo/pdo_stmt.c
ext/pdo_pgsql/pgsql_driver.c
ext/pgsql/pgsql.c
ext/reflection/php_reflection.c
ext/session/session.c
ext/spl/spl_array.c
ext/spl/spl_observer.c
ext/standard/array.c
ext/standard/basic_functions.c
ext/standard/html.c
ext/standard/mail.c
ext/standard/php_array.h
ext/standard/proc_open.c
ext/standard/streamsfuncs.c
ext/standard/user_filters.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_variables.c
sapi/phpdbg/phpdbg.c
sapi/phpdbg/phpdbg_bp.c
sapi/phpdbg/phpdbg_frame.c
sapi/phpdbg/phpdbg_help.c
sapi/phpdbg/phpdbg_list.c
sapi/phpdbg/phpdbg_print.c
sapi/phpdbg/phpdbg_prompt.c
Diffstat (limited to 'ext/standard/var_unserializer.c')
-rw-r--r-- | ext/standard/var_unserializer.c | 74 |
1 files changed, 43 insertions, 31 deletions
diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c index 2525350bbc..e1d899587c 100644 --- a/ext/standard/var_unserializer.c +++ b/ext/standard/var_unserializer.c @@ -411,7 +411,15 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) (*p) += 2; - object_init_ex(rval, ce); + if (ce->serialize == NULL) { + object_init_ex(rval, ce); + } else { + /* If this class implements Serializable, it should not land here but in object_custom(). The passed string + obviously doesn't descend from the regular serializer. */ + zend_error(E_WARNING, "Erroneous data format for unserializing '%s'", ce->name->val); + return 0; + } + return elements; } @@ -423,6 +431,10 @@ static inline int object_common2(UNSERIALIZE_PARAMETER, long elements) zval retval; zval fname; + if (Z_TYPE_P(rval) != IS_OBJECT) { + return 0; + } + //??? TODO: resize before if (!process_nested_data(UNSERIALIZE_PASSTHRU, Z_OBJPROP_P(rval), elements, 1)) { return 0; @@ -469,7 +481,7 @@ PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER) start = cursor; -#line 473 "ext/standard/var_unserializer.c" +#line 485 "ext/standard/var_unserializer.c" { YYCTYPE yych; static const unsigned char yybm[] = { @@ -529,9 +541,9 @@ yy2: yych = *(YYMARKER = ++YYCURSOR); if (yych == ':') goto yy95; yy3: -#line 817 "ext/standard/var_unserializer.re" +#line 829 "ext/standard/var_unserializer.re" { return 0; } -#line 535 "ext/standard/var_unserializer.c" +#line 547 "ext/standard/var_unserializer.c" yy4: yych = *(YYMARKER = ++YYCURSOR); if (yych == ':') goto yy89; @@ -574,13 +586,13 @@ yy13: goto yy3; yy14: ++YYCURSOR; -#line 811 "ext/standard/var_unserializer.re" +#line 823 "ext/standard/var_unserializer.re" { /* this is the case where we have less data than planned */ php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Unexpected end of serialized data"); return 0; /* not sure if it should be 0 or 1 here? */ } -#line 584 "ext/standard/var_unserializer.c" +#line 596 "ext/standard/var_unserializer.c" yy16: yych = *++YYCURSOR; goto yy3; @@ -610,7 +622,7 @@ yy20: yych = *++YYCURSOR; if (yych != '"') goto yy18; ++YYCURSOR; -#line 672 "ext/standard/var_unserializer.re" +#line 684 "ext/standard/var_unserializer.re" { size_t len, len2, len3, maxlen; long elements; @@ -749,7 +761,7 @@ yy20: return object_common2(UNSERIALIZE_PASSTHRU, elements); } -#line 753 "ext/standard/var_unserializer.c" +#line 765 "ext/standard/var_unserializer.c" yy25: yych = *++YYCURSOR; if (yych <= ',') { @@ -774,7 +786,7 @@ yy27: yych = *++YYCURSOR; if (yych != '"') goto yy18; ++YYCURSOR; -#line 664 "ext/standard/var_unserializer.re" +#line 676 "ext/standard/var_unserializer.re" { //??? INIT_PZVAL(rval); @@ -782,7 +794,7 @@ yy27: return object_common2(UNSERIALIZE_PASSTHRU, object_common1(UNSERIALIZE_PASSTHRU, ZEND_STANDARD_CLASS_DEF_PTR)); } -#line 786 "ext/standard/var_unserializer.c" +#line 798 "ext/standard/var_unserializer.c" yy32: yych = *++YYCURSOR; if (yych == '+') goto yy33; @@ -803,7 +815,7 @@ yy34: yych = *++YYCURSOR; if (yych != '{') goto yy18; ++YYCURSOR; -#line 643 "ext/standard/var_unserializer.re" +#line 655 "ext/standard/var_unserializer.re" { long elements = parse_iv(start + 2); /* use iv() not uiv() in order to check data range */ @@ -824,7 +836,7 @@ yy34: return finish_nested_data(UNSERIALIZE_PASSTHRU); } -#line 828 "ext/standard/var_unserializer.c" +#line 840 "ext/standard/var_unserializer.c" yy39: yych = *++YYCURSOR; if (yych == '+') goto yy40; @@ -845,7 +857,7 @@ yy41: yych = *++YYCURSOR; if (yych != '"') goto yy18; ++YYCURSOR; -#line 613 "ext/standard/var_unserializer.re" +#line 625 "ext/standard/var_unserializer.re" { size_t len, maxlen; //??? TODO: use zend_string* instead of char* @@ -875,7 +887,7 @@ yy41: efree(str); return 1; } -#line 879 "ext/standard/var_unserializer.c" +#line 891 "ext/standard/var_unserializer.c" yy46: yych = *++YYCURSOR; if (yych == '+') goto yy47; @@ -896,7 +908,7 @@ yy48: yych = *++YYCURSOR; if (yych != '"') goto yy18; ++YYCURSOR; -#line 586 "ext/standard/var_unserializer.re" +#line 598 "ext/standard/var_unserializer.re" { size_t len, maxlen; char *str; @@ -923,7 +935,7 @@ yy48: ZVAL_STRINGL(rval, str, len); return 1; } -#line 927 "ext/standard/var_unserializer.c" +#line 939 "ext/standard/var_unserializer.c" yy53: yych = *++YYCURSOR; if (yych <= '/') { @@ -1011,7 +1023,7 @@ yy61: } yy63: ++YYCURSOR; -#line 577 "ext/standard/var_unserializer.re" +#line 589 "ext/standard/var_unserializer.re" { #if SIZEOF_LONG == 4 use_double: @@ -1020,7 +1032,7 @@ use_double: ZVAL_DOUBLE(rval, zend_strtod((const char *)start + 2, NULL)); return 1; } -#line 1024 "ext/standard/var_unserializer.c" +#line 1036 "ext/standard/var_unserializer.c" yy65: yych = *++YYCURSOR; if (yych <= ',') { @@ -1079,7 +1091,7 @@ yy73: yych = *++YYCURSOR; if (yych != ';') goto yy18; ++YYCURSOR; -#line 561 "ext/standard/var_unserializer.re" +#line 573 "ext/standard/var_unserializer.re" { *p = YYCURSOR; @@ -1095,7 +1107,7 @@ yy73: return 1; } -#line 1099 "ext/standard/var_unserializer.c" +#line 1111 "ext/standard/var_unserializer.c" yy76: yych = *++YYCURSOR; if (yych == 'N') goto yy73; @@ -1122,7 +1134,7 @@ yy79: if (yych <= '9') goto yy79; if (yych != ';') goto yy18; ++YYCURSOR; -#line 535 "ext/standard/var_unserializer.re" +#line 547 "ext/standard/var_unserializer.re" { #if SIZEOF_LONG == 4 int digits = YYCURSOR - start - 3; @@ -1148,7 +1160,7 @@ yy79: ZVAL_LONG(rval, parse_iv(start + 2)); return 1; } -#line 1152 "ext/standard/var_unserializer.c" +#line 1164 "ext/standard/var_unserializer.c" yy83: yych = *++YYCURSOR; if (yych <= '/') goto yy18; @@ -1156,22 +1168,22 @@ yy83: yych = *++YYCURSOR; if (yych != ';') goto yy18; ++YYCURSOR; -#line 529 "ext/standard/var_unserializer.re" +#line 541 "ext/standard/var_unserializer.re" { *p = YYCURSOR; ZVAL_BOOL(rval, parse_iv(start + 2)); return 1; } -#line 1166 "ext/standard/var_unserializer.c" +#line 1178 "ext/standard/var_unserializer.c" yy87: ++YYCURSOR; -#line 523 "ext/standard/var_unserializer.re" +#line 535 "ext/standard/var_unserializer.re" { *p = YYCURSOR; ZVAL_NULL(rval); return 1; } -#line 1175 "ext/standard/var_unserializer.c" +#line 1187 "ext/standard/var_unserializer.c" yy89: yych = *++YYCURSOR; if (yych <= ',') { @@ -1194,7 +1206,7 @@ yy91: if (yych <= '9') goto yy91; if (yych != ';') goto yy18; ++YYCURSOR; -#line 500 "ext/standard/var_unserializer.re" +#line 512 "ext/standard/var_unserializer.re" { long id; @@ -1217,7 +1229,7 @@ yy91: return 1; } -#line 1221 "ext/standard/var_unserializer.c" +#line 1233 "ext/standard/var_unserializer.c" yy95: yych = *++YYCURSOR; if (yych <= ',') { @@ -1240,7 +1252,7 @@ yy97: if (yych <= '9') goto yy97; if (yych != ';') goto yy18; ++YYCURSOR; -#line 477 "ext/standard/var_unserializer.re" +#line 489 "ext/standard/var_unserializer.re" { long id; @@ -1263,9 +1275,9 @@ yy97: return 1; } -#line 1267 "ext/standard/var_unserializer.c" +#line 1279 "ext/standard/var_unserializer.c" } -#line 819 "ext/standard/var_unserializer.re" +#line 831 "ext/standard/var_unserializer.re" return 0; |