summaryrefslogtreecommitdiff
path: root/ext/standard/var_unserializer.re
diff options
context:
space:
mode:
Diffstat (limited to 'ext/standard/var_unserializer.re')
-rw-r--r--ext/standard/var_unserializer.re53
1 files changed, 40 insertions, 13 deletions
diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re
index 4d99cbfd78..76c501e1b5 100644
--- a/ext/standard/var_unserializer.re
+++ b/ext/standard/var_unserializer.re
@@ -24,6 +24,7 @@
/* {{{ reference-handling for unserializer: var_* */
#define VAR_ENTRIES_MAX 1024
+#define VAR_ENTRIES_DBG 0
typedef struct {
zval *data[VAR_ENTRIES_MAX];
@@ -34,7 +35,7 @@ typedef struct {
static inline void var_push(php_unserialize_data_t *var_hashx, zval **rval)
{
var_entries *var_hash = (*var_hashx)->last;
-#if 0
+#if VAR_ENTRIES_DBG
fprintf(stderr, "var_push(%ld): %d\n", var_hash?var_hash->used_slots:-1L, Z_TYPE_PP(rval));
#endif
@@ -58,7 +59,7 @@ static inline void var_push(php_unserialize_data_t *var_hashx, zval **rval)
PHPAPI void var_push_dtor(php_unserialize_data_t *var_hashx, zval **rval)
{
var_entries *var_hash = (*var_hashx)->last_dtor;
-#if 0
+#if VAR_ENTRIES_DBG
fprintf(stderr, "var_push_dtor(%ld): %d\n", var_hash?var_hash->used_slots:-1L, Z_TYPE_PP(rval));
#endif
@@ -80,11 +81,35 @@ PHPAPI void var_push_dtor(php_unserialize_data_t *var_hashx, zval **rval)
var_hash->data[var_hash->used_slots++] = *rval;
}
+PHPAPI void var_push_dtor_no_addref(php_unserialize_data_t *var_hashx, zval **rval)
+{
+ var_entries *var_hash = (*var_hashx)->last_dtor;
+#if VAR_ENTRIES_DBG
+ fprintf(stderr, "var_push_dtor_no_addref(%ld): %d (%d)\n", var_hash?var_hash->used_slots:-1L, Z_TYPE_PP(rval), Z_REFCOUNT_PP(rval));
+#endif
+
+ if (!var_hash || var_hash->used_slots == VAR_ENTRIES_MAX) {
+ var_hash = emalloc(sizeof(var_entries));
+ var_hash->used_slots = 0;
+ var_hash->next = 0;
+
+ if (!(*var_hashx)->first_dtor) {
+ (*var_hashx)->first_dtor = var_hash;
+ } else {
+ ((var_entries *) (*var_hashx)->last_dtor)->next = var_hash;
+ }
+
+ (*var_hashx)->last_dtor = var_hash;
+ }
+
+ var_hash->data[var_hash->used_slots++] = *rval;
+}
+
PHPAPI void var_replace(php_unserialize_data_t *var_hashx, zval *ozval, zval **nzval)
{
long i;
var_entries *var_hash = (*var_hashx)->first;
-#if 0
+#if VAR_ENTRIES_DBG
fprintf(stderr, "var_replace(%ld): %d\n", var_hash?var_hash->used_slots:-1L, Z_TYPE_PP(nzval));
#endif
@@ -102,7 +127,7 @@ PHPAPI void var_replace(php_unserialize_data_t *var_hashx, zval *ozval, zval **n
static int var_access(php_unserialize_data_t *var_hashx, long id, zval ***store)
{
var_entries *var_hash = (*var_hashx)->first;
-#if 0
+#if VAR_ENTRIES_DBG
fprintf(stderr, "var_access(%ld): %ld\n", var_hash?var_hash->used_slots:-1L, id);
#endif
@@ -125,7 +150,7 @@ PHPAPI void var_destroy(php_unserialize_data_t *var_hashx)
void *next;
long i;
var_entries *var_hash = (*var_hashx)->first;
-#if 0
+#if VAR_ENTRIES_DBG
fprintf(stderr, "var_destroy(%ld)\n", var_hash?var_hash->used_slots:-1L);
#endif
@@ -472,7 +497,7 @@ PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
if (*rval == *rval_ref) return 0;
if (*rval != NULL) {
- zval_ptr_dtor(rval);
+ var_push_dtor_no_addref(var_hash, rval);
}
*rval = *rval_ref;
Z_ADDREF_PP(rval);
@@ -683,9 +708,9 @@ object ":" uiv ":" ["] {
do {
/* Try to find class directly */
- BG(serialize_lock) = 1;
+ BG(serialize_lock)++;
if (zend_lookup_class(class_name, len2, &pce TSRMLS_CC) == SUCCESS) {
- BG(serialize_lock) = 0;
+ BG(serialize_lock)--;
if (EG(exception)) {
efree(class_name);
return 0;
@@ -693,7 +718,7 @@ object ":" uiv ":" ["] {
ce = *pce;
break;
}
- BG(serialize_lock) = 0;
+ BG(serialize_lock)--;
if (EG(exception)) {
efree(class_name);
@@ -713,9 +738,9 @@ object ":" uiv ":" ["] {
args[0] = &arg_func_name;
MAKE_STD_ZVAL(arg_func_name);
ZVAL_STRING(arg_func_name, class_name, 1);
- BG(serialize_lock) = 1;
+ BG(serialize_lock)++;
if (call_user_function_ex(CG(function_table), NULL, user_func, &retval_ptr, 1, args, 0, NULL TSRMLS_CC) != SUCCESS) {
- BG(serialize_lock) = 0;
+ BG(serialize_lock)--;
if (EG(exception)) {
efree(class_name);
zval_ptr_dtor(&user_func);
@@ -729,7 +754,7 @@ object ":" uiv ":" ["] {
zval_ptr_dtor(&arg_func_name);
break;
}
- BG(serialize_lock) = 0;
+ BG(serialize_lock)--;
if (retval_ptr) {
zval_ptr_dtor(&retval_ptr);
}
@@ -757,7 +782,9 @@ object ":" uiv ":" ["] {
*p = YYCURSOR;
if (custom_object) {
- int ret = object_custom(UNSERIALIZE_PASSTHRU, ce);
+ int ret;
+
+ ret = object_custom(UNSERIALIZE_PASSTHRU, ce);
if (ret && incomplete_class) {
php_store_class_name(*rval, class_name, len2);
View Lorry Controller Status