summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS2
-rw-r--r--ext/simplexml/simplexml.c3
2 files changed, 4 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index f3638fce36..2a63953dbc 100644
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,8 @@ PHP NEWS
- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (Rasmus)
+- Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning).
+ (Ilia, wmeler at wp-sa dot pl)
- Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded
applications). (Ilia, Florian Anderiasch)
- Fixed bug #49738 (calling mcrypt after mcrypt_generic_deinit crashes).
diff --git a/ext/simplexml/simplexml.c b/ext/simplexml/simplexml.c
index ca6d7cb4a8..0c2fbe6e68 100644
--- a/ext/simplexml/simplexml.c
+++ b/ext/simplexml/simplexml.c
@@ -2531,7 +2531,8 @@ PHP_MINIT_FUNCTION(simplexml)
sxe_object_handlers.get_constructor = zend_get_std_object_handlers()->get_constructor;
sxe_object_handlers.get_class_entry = zend_get_std_object_handlers()->get_class_entry;
sxe_object_handlers.get_class_name = zend_get_std_object_handlers()->get_class_name;
-
+ sxe_class_entry->serialize = zend_class_serialize_deny;
+ sxe_class_entry->unserialize = zend_class_unserialize_deny;
php_libxml_register_export(sxe_class_entry, simplexml_export_node);
View Lorry Controller Status