diff options
author | Marcus Boerger <helly@php.net> | 2005-02-14 21:03:09 +0000 |
---|---|---|
committer | Marcus Boerger <helly@php.net> | 2005-02-14 21:03:09 +0000 |
commit | 3ab88a4718a6e0268021c64b75524977e030b84b (patch) | |
tree | ba9b48ca6e49df5120d357c8f9a1ed3661ef469d /ext/standard/var_unserializer.c | |
parent | ff8055fc5c9750482aac7a25a074aae0b1e64706 (diff) | |
download | php-git-3ab88a4718a6e0268021c64b75524977e030b84b.tar.gz |
- Disallow illegal class names (.c part)
Diffstat (limited to 'ext/standard/var_unserializer.c')
-rw-r--r-- | ext/standard/var_unserializer.c | 67 |
1 files changed, 37 insertions, 30 deletions
diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c index ac340e68d7..a89db23f4a 100644 --- a/ext/standard/var_unserializer.c +++ b/ext/standard/var_unserializer.c @@ -1,5 +1,5 @@ -/* Generated by re2c 0.9.3 on Sun Jan 30 11:34:19 2005 */ -#line 1 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +/* Generated by re2c 0.9.4 on Mon Feb 14 21:57:21 2005 */ +#line 1 "/usr/src/php-cvs/ext/standard/var_unserializer.re" /* +----------------------------------------------------------------------+ | PHP Version 5 | @@ -147,7 +147,7 @@ PHPAPI void var_destroy(php_unserialize_data_t *var_hashx) #define YYMARKER marker -#line 154 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 154 "/usr/src/php-cvs/ext/standard/var_unserializer.re" @@ -406,7 +406,7 @@ yy0: goto yy16; } else { if(yych <= '}') goto yy14; - if(yych <= '\277') goto yy16; + if(yych <= 0xBF) goto yy16; goto yy2; } } @@ -420,7 +420,7 @@ yy3: yyaccept = 0; if(yych == ':') goto yy87; goto yy4; yy4: -#line 574 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 581 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { return 0; } #line 102 "<stdout>" yy5: yyaccept = 0; @@ -461,7 +461,7 @@ yy13: yyaccept = 0; yy14: ++YYCURSOR; goto yy15; yy15: -#line 568 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 575 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { /* this is the case where we have less data than planned */ php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Unexpected end of serialized data"); @@ -490,9 +490,9 @@ yy21: yych = *++YYCURSOR; yy22: ++YYCURSOR; goto yy23; yy23: -#line 475 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 475 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { - size_t len, len2, maxlen; + size_t len, len2, len3, maxlen; int elements; char *class_name; zend_class_entry *ce; @@ -525,6 +525,13 @@ yy23: return 0; } + len3 = strspn(class_name, "0123456789_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); + if (len3 != len) + { + *p = YYCURSOR + len3 - len; + return 0; + } + class_name = estrndup(class_name, len); do { @@ -583,7 +590,7 @@ yy23: return object_common2(UNSERIALIZE_PASSTHRU, elements); } -#line 264 "<stdout>" +#line 271 "<stdout>" yy24: yych = *++YYCURSOR; if(yych <= ','){ if(yych != '+') goto yy2; @@ -612,7 +619,7 @@ yy28: yych = *++YYCURSOR; yy29: ++YYCURSOR; goto yy30; yy30: -#line 467 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 467 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { INIT_PZVAL(*rval); @@ -620,7 +627,7 @@ yy30: return object_common2(UNSERIALIZE_PASSTHRU, object_common1(UNSERIALIZE_PASSTHRU, ZEND_STANDARD_CLASS_DEF_PTR)); } -#line 302 "<stdout>" +#line 309 "<stdout>" yy31: yych = *++YYCURSOR; if(yych == '+') goto yy32; if(yych <= '/') goto yy2; @@ -644,7 +651,7 @@ yy35: yych = *++YYCURSOR; yy36: ++YYCURSOR; goto yy37; yy37: -#line 449 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 449 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { int elements = parse_iv(start + 2); @@ -662,7 +669,7 @@ yy37: return finish_nested_data(UNSERIALIZE_PASSTHRU); } -#line 345 "<stdout>" +#line 352 "<stdout>" yy38: yych = *++YYCURSOR; if(yych == '+') goto yy39; if(yych <= '/') goto yy2; @@ -686,7 +693,7 @@ yy42: yych = *++YYCURSOR; yy43: ++YYCURSOR; goto yy44; yy44: -#line 421 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 421 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { size_t len, maxlen; char *str; @@ -714,7 +721,7 @@ yy44: ZVAL_STRINGL(*rval, str, len, 1); return 1; } -#line 398 "<stdout>" +#line 405 "<stdout>" yy45: yych = *++YYCURSOR; if(yych <= '/'){ if(yych <= ','){ @@ -803,14 +810,14 @@ yy54: if(yych <= ';'){ yy55: ++YYCURSOR; goto yy56; yy56: -#line 414 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 414 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { *p = YYCURSOR; INIT_PZVAL(*rval); ZVAL_DOUBLE(*rval, zend_strtod(start + 2, NULL)); return 1; } -#line 496 "<stdout>" +#line 503 "<stdout>" yy57: yych = *++YYCURSOR; if(yych <= ','){ if(yych != '+') goto yy2; @@ -870,7 +877,7 @@ yy65: yych = *++YYCURSOR; yy66: ++YYCURSOR; goto yy67; yy67: -#line 399 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 399 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { *p = YYCURSOR; INIT_PZVAL(*rval); @@ -885,7 +892,7 @@ yy67: return 1; } -#line 573 "<stdout>" +#line 580 "<stdout>" yy68: yych = *++YYCURSOR; if(yych == 'N') goto yy65; goto yy2; @@ -914,14 +921,14 @@ yy72: if(yych <= '/') goto yy2; yy73: ++YYCURSOR; goto yy74; yy74: -#line 392 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 392 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { *p = YYCURSOR; INIT_PZVAL(*rval); ZVAL_LONG(*rval, parse_iv(start + 2)); return 1; } -#line 610 "<stdout>" +#line 617 "<stdout>" yy75: yych = *++YYCURSOR; if(yych <= '/') goto yy2; if(yych >= '2') goto yy2; @@ -932,25 +939,25 @@ yy76: yych = *++YYCURSOR; yy77: ++YYCURSOR; goto yy78; yy78: -#line 385 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 385 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { *p = YYCURSOR; INIT_PZVAL(*rval); ZVAL_BOOL(*rval, parse_iv(start + 2)); return 1; } -#line 628 "<stdout>" +#line 635 "<stdout>" yy79: ++YYCURSOR; goto yy80; yy80: -#line 378 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 378 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { *p = YYCURSOR; INIT_PZVAL(*rval); ZVAL_NULL(*rval); return 1; } -#line 639 "<stdout>" +#line 646 "<stdout>" yy81: yych = *++YYCURSOR; if(yych <= ','){ if(yych != '+') goto yy2; @@ -976,7 +983,7 @@ yy84: if(yych <= '/') goto yy2; yy85: ++YYCURSOR; goto yy86; yy86: -#line 355 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 355 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { int id; @@ -999,7 +1006,7 @@ yy86: return 1; } -#line 689 "<stdout>" +#line 696 "<stdout>" yy87: yych = *++YYCURSOR; if(yych <= ','){ if(yych != '+') goto yy2; @@ -1025,7 +1032,7 @@ yy90: if(yych <= '/') goto yy2; yy91: ++YYCURSOR; goto yy92; yy92: -#line 334 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 334 "/usr/src/php-cvs/ext/standard/var_unserializer.re" { int id; @@ -1046,9 +1053,9 @@ yy92: return 1; } -#line 737 "<stdout>" +#line 744 "<stdout>" } -#line 576 "/home/rei/php_dev/php5.1/ext/standard/var_unserializer.re" +#line 583 "/usr/src/php-cvs/ext/standard/var_unserializer.re" return 0; |