mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
Switch PDO to use serialize_deny
And remove dummy __sleep/__wakeup. This switches the thrown exception type from PDOException to Exception.
This commit is contained in:
parent
a624c2bd13
commit
6e4b202694
@ -31,6 +31,11 @@ PHP 7.4 UPGRADE NOTES
|
||||
. The default parameter value of idn_to_ascii() and idn_to_utf8() is now
|
||||
INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
|
||||
|
||||
- PDO:
|
||||
. Attempting to serialize a PDO instance will now generate an Exception
|
||||
rather than a PDOException, consistent with other internal classes which
|
||||
do not support serialization.
|
||||
|
||||
- Reflection:
|
||||
. Reflection objects will now generate an exception if an attempt is made
|
||||
to serialize them. Serialization for reflection objects was never
|
||||
|
@ -33,6 +33,7 @@
|
||||
#include "zend_exceptions.h"
|
||||
#include "zend_object_handlers.h"
|
||||
#include "zend_hash.h"
|
||||
#include "zend_interfaces.h"
|
||||
|
||||
static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, zend_long attr, zval *value);
|
||||
|
||||
@ -1153,22 +1154,6 @@ static PHP_METHOD(PDO, quote)
|
||||
}
|
||||
/* }}} */
|
||||
|
||||
/* {{{ proto PDO::__wakeup()
|
||||
Prevents use of a PDO instance that has been unserialized */
|
||||
static PHP_METHOD(PDO, __wakeup)
|
||||
{
|
||||
zend_throw_exception_ex(php_pdo_get_exception(), 0, "You cannot serialize or unserialize PDO instances");
|
||||
}
|
||||
/* }}} */
|
||||
|
||||
/* {{{ proto int PDO::__sleep()
|
||||
Prevents serialization of a PDO instance */
|
||||
static PHP_METHOD(PDO, __sleep)
|
||||
{
|
||||
zend_throw_exception_ex(php_pdo_get_exception(), 0, "You cannot serialize or unserialize PDO instances");
|
||||
}
|
||||
/* }}} */
|
||||
|
||||
/* {{{ proto array PDO::getAvailableDrivers()
|
||||
Return array of available PDO drivers */
|
||||
static PHP_METHOD(PDO, getAvailableDrivers)
|
||||
@ -1241,8 +1226,6 @@ const zend_function_entry pdo_dbh_functions[] = /* {{{ */ {
|
||||
PHP_ME(PDO, errorInfo, arginfo_pdo__void, ZEND_ACC_PUBLIC)
|
||||
PHP_ME(PDO, getAttribute, arginfo_pdo_getattribute, ZEND_ACC_PUBLIC)
|
||||
PHP_ME(PDO, quote, arginfo_pdo_quote, ZEND_ACC_PUBLIC)
|
||||
PHP_ME(PDO, __wakeup, arginfo_pdo__void, ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
|
||||
PHP_ME(PDO, __sleep, arginfo_pdo__void, ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
|
||||
PHP_ME(PDO, getAvailableDrivers, arginfo_pdo__void, ZEND_ACC_PUBLIC|ZEND_ACC_STATIC)
|
||||
PHP_FE_END
|
||||
};
|
||||
@ -1384,6 +1367,8 @@ void pdo_dbh_init(void)
|
||||
INIT_CLASS_ENTRY(ce, "PDO", pdo_dbh_functions);
|
||||
pdo_dbh_ce = zend_register_internal_class(&ce);
|
||||
pdo_dbh_ce->create_object = pdo_dbh_new;
|
||||
pdo_dbh_ce->serialize = zend_class_serialize_deny;
|
||||
pdo_dbh_ce->unserialize = zend_class_unserialize_deny;
|
||||
|
||||
memcpy(&pdo_dbh_object_handlers, &std_object_handlers, sizeof(zend_object_handlers));
|
||||
pdo_dbh_object_handlers.offset = XtOffsetOf(pdo_dbh_object_t, std);
|
||||
|
@ -25,5 +25,5 @@ try {
|
||||
echo "PHP Didn't crash!\n";
|
||||
?>
|
||||
--EXPECT--
|
||||
Safely caught You cannot serialize or unserialize PDO instances
|
||||
Safely caught Serialization of 'PDO' is not allowed
|
||||
PHP Didn't crash!
|
||||
|
@ -29,8 +29,6 @@ if (false == MySQLPDOTest::detect_transactional_mysql_engine($db))
|
||||
'getAttribute' => true,
|
||||
'quote' => true,
|
||||
'inTransaction' => true,
|
||||
'__wakeup' => true,
|
||||
'__sleep' => true,
|
||||
'getAvailableDrivers' => true,
|
||||
);
|
||||
$classname = get_class($db);
|
||||
|
Loading…
Reference in New Issue
Block a user