diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2005-11-30 18:13:17 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2005-11-30 18:13:17 +0000 |
commit | 92fd7f24a5fc8e86a65938237bd1cffa256186b5 (patch) | |
tree | 63acc16ed183c456a99c8e8229380d0d77ecaa83 /ext/wddx | |
parent | 6160b285f755ee77af8bd0bbbe702c7e10173f28 (diff) | |
download | php-git-92fd7f24a5fc8e86a65938237bd1cffa256186b5.tar.gz |
MFB51: Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys
properly).
Diffstat (limited to 'ext/wddx')
-rwxr-xr-x | ext/wddx/tests/bug35410.phpt | 71 | ||||
-rw-r--r-- | ext/wddx/wddx.c | 4 |
2 files changed, 75 insertions, 0 deletions
diff --git a/ext/wddx/tests/bug35410.phpt b/ext/wddx/tests/bug35410.phpt new file mode 100755 index 0000000000..a14544d03c --- /dev/null +++ b/ext/wddx/tests/bug35410.phpt @@ -0,0 +1,71 @@ +--TEST-- +#35410 (wddx_deserialize() doesn't handle large ints as keys properly) +--FILE-- +<?php +$wddx = <<<WDX +<wddxpacket version="1.0"> +<header> +<comment>Content Configuration File</comment> +</header> +<data> +<struct> +<var name="content_queries"> +<struct> +<var name="content_113300831086270200"> +<struct> +<var name="113301888545229100"> +<struct> +<var name="max"> +<number>10</number> +</var> +<var name="cache"> +<number>4</number> +</var> +<var name="order"> +<struct> +<var name="content_113300831086270200"> +<struct> +<var name="CMS_BUILD"> +<string>desc</string> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</var> +</struct> +</data> +</wddxpacket> +WDX; + +var_dump(wddx_deserialize($wddx)); +?> +--EXPECT-- +array(1) { + ["content_queries"]=> + array(1) { + ["content_113300831086270200"]=> + array(1) { + ["113301888545229100"]=> + array(3) { + ["max"]=> + int(10) + ["cache"]=> + int(4) + ["order"]=> + array(1) { + ["content_113300831086270200"]=> + array(1) { + ["CMS_BUILD"]=> + string(4) "desc" + } + } + } + } + } +} diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index ff6744a01d..a3b629f9d7 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -1006,11 +1006,15 @@ static void php_wddx_pop_element(void *user_data, const XML_Char *name) switch (is_numeric_string(ent1->varname, strlen(ent1->varname), &l, &d, 0)) { case IS_DOUBLE: + if (d > INT_MAX) { + goto bigint; + } l = (long) d; case IS_LONG: zend_hash_index_update(target_hash, l, &ent1->data, sizeof(zval *), NULL); break; default: +bigint: zend_hash_update(target_hash,ent1->varname, strlen(ent1->varname)+1, &ent1->data, sizeof(zval *), NULL); } } |