Commit Graph

7 Commits

Author SHA1 Message Date
Anatol Belski
c2acdbdd3d Improved the fix for bug #67072, thanks Nikita 2014-04-18 15:13:32 +02:00
Anatol Belski
5328d42899 Fixed bug #67072 Echoing unserialized "SplFileObject" crash
The actual issue lies in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, a user could still construct
a vulnerable string which would result in bad things when trying
to unserialize.

This also concerns the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective: to disable unserialize, just assign
zend_class_unserialize_deny as callback.
2014-04-17 10:48:14 +02:00
Xinchen Hui
610c7fbe7b Remove executable permission on phpt 2012-10-10 10:27:49 +08:00
Robin Fernandes
bd9e026951 Adding more tests for serialize() and unserialize(). 2008-03-18 15:11:48 +00:00
Marcus Boerger
58d45bfe2e - Add new test 2005-04-05 09:23:14 +00:00
Marcus Boerger
0137868171 No more namespaces 2003-06-14 22:10:15 +00:00
Marcus Boerger
e035046ac2 Add new test 2003-05-24 17:10:34 +00:00