mirror of
https://github.com/php/php-src.git
synced 2024-09-22 02:17:32 +00:00
Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning).
# original patch by wmeler at wp-sa dot pl
This commit is contained in:
parent
264d6db5a6
commit
b6b56ba87a
2
NEWS
2
NEWS
@ -13,6 +13,8 @@ PHP NEWS
|
||||
- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
|
||||
Stachowiak. (Rasmus)
|
||||
|
||||
- Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning).
|
||||
(Ilia, wmeler at wp-sa dot pl)
|
||||
- Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded
|
||||
applications). (Ilia, Florian Anderiasch)
|
||||
- Fixed bug #49738 (calling mcrypt after mcrypt_generic_deinit crashes).
|
||||
|
@ -2531,7 +2531,8 @@ PHP_MINIT_FUNCTION(simplexml)
|
||||
sxe_object_handlers.get_constructor = zend_get_std_object_handlers()->get_constructor;
|
||||
sxe_object_handlers.get_class_entry = zend_get_std_object_handlers()->get_class_entry;
|
||||
sxe_object_handlers.get_class_name = zend_get_std_object_handlers()->get_class_name;
|
||||
|
||||
sxe_class_entry->serialize = zend_class_serialize_deny;
|
||||
sxe_class_entry->unserialize = zend_class_unserialize_deny;
|
||||
|
||||
php_libxml_register_export(sxe_class_entry, simplexml_export_node);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user