summaryrefslogtreecommitdiff
path: root/ext/standard/var_unserializer.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/standard/var_unserializer.c')
-rw-r--r--ext/standard/var_unserializer.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c
index eb1a90d1d..5bdfaf4ce 100644
--- a/ext/standard/var_unserializer.c
+++ b/ext/standard/var_unserializer.c
@@ -1,4 +1,4 @@
-/* Generated by re2c 0.13.5 on Fri Apr 18 15:07:27 2014 */
+/* Generated by re2c 0.13.5 on Sat Jun 21 21:27:56 2014 */
/*
+----------------------------------------------------------------------+
| PHP Version 5 |
@@ -22,6 +22,7 @@
#include "php.h"
#include "ext/standard/php_var.h"
#include "php_incomplete_class.h"
+#include "Zend/zend_interfaces.h"
/* {{{ reference-handling for unserializer: var_* */
#define VAR_ENTRIES_MAX 1024
@@ -394,7 +395,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
(*p) += 2;
- if (ce->serialize == NULL) {
+ /* The internal class check here is a BC fix only, userspace classes implementing the
+ Serializable interface have eventually an inconsistent behavior at this place when
+ unserialized from a manipulated string. Additionaly the interal classes can possibly
+ crash PHP so they're still disabled here. */
+ if (ce->serialize == NULL || ce->unserialize == zend_user_unserialize || (ZEND_INTERNAL_CLASS != ce->type && ce->create_object == NULL)) {
object_init_ex(*rval, ce);
} else {
/* If this class implements Serializable, it should not land here but in object_custom(). The passed string
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-28 11:44:55 +0000