Patch max_input_vars.patch for *General Issues Bug #60655Patch version 2012-01-05 04:08 UTC Return to Bug #60655 | Download this patchThis patch is obsolete Obsoleted by patches:
Developer: laruence@php.netLine 34 (now 34), was 70 lines, now 8 lines -Warning: unserialize() expects exactly 1 parameter, 2 given in %s on line 21 +Notice: unserialize(): Error at offset 0 of 1 bytes in %sserialization_error_001.php on line %d bool(false) Done Index: trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt =================================================================== --- trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt (revision 0) +++ trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt (revision 0) 
@@ -0,0 +1,57 @@
+--TEST--
+Test unserialize() functions with max_input_vars
+--FILE--
+<?php
+$str = serialize(array(1,2,3)); // there will be 4 items, array, and 1, 2, 3
+
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 4));
+
+$str = serialize(array(array(),array(2,3))); // there will be 5 items, array, and array, array, 2, 3
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 5));
+
+$obj = (object)(array(array(),array(2,3)));
+$str = serialize($obj);
+
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 5));
+?>
+--EXPECTF--
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+Array
+(
+ [0] => 1
+ [1] => 2
+ [2] => 3
+)
+
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+Array
+(
+ [0] => Array
+ (
+ )
+
+ [1] => Array
+ (
+ [0] => 2
+ [1] => 3
+ )
+
+)
+
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+stdClass Object
+(
+ [0] => Array
+ (
+ )
+
+ [1] => Array
+ (
+ [0] => 2
+ [1] => 3
+ )
+
+)
Index: trunk/ext/standard/var_unserializer.c
===================================================================
--- trunk/ext/standard/var_unserializer.c (revision 321767)
+++ trunk/ext/standard/var_unserializer.c (working copy)
FREE_ZVAL(key); return 0; } + --(BG(unserialize).num_vars); if (Z_TYPE_P(key) != IS_LONG && Z_TYPE_P(key) != IS_STRING) { zval_dtor(key); @@ -297,12 +298,14 @@ switch (Z_TYPE_P(key)) { + } if (var_hash && cursor[0] != 'R') { var_push(var_hash, rval); } } start = cursor; - - if (yych != '"') goto yy18; ++YYCURSOR; -#line 616 "ext/standard/var_unserializer.re" +#line 632 "ext/standard/var_unserializer.re" { INIT_PZVAL(*rval); + ++(BG(unserialize).num_vars); { INIT_PZVAL(*rval); + ++(BG(unserialize).num_vars); return object_common2(UNSERIALIZE_PASSTHRU, object_common1(UNSERIALIZE_PASSTHRU, ZEND_STANDARD_CLASS_DEF_PTR)); } -#line 716 "ext/standard/var_unserializer.c"
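Review bot: In unserialize_max_vars.phpt the three over-limit calls are wrapped in `print_r()`, which prints nothing for both `false` and `null`, so EXPECTF pins only the warning text and not what unserialize() returns once the limit is exceeded. Changing those calls to `var_dump(unserialize($str, 3));` and adding the resulting line to EXPECTF would fix the failure value in the test. The test also never calls unserialize() without the second argument, so whatever limit applies by default is not exercised. The same holds for the identical copy under branches/PHP_5_4 further down the patch.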
@@ -561,6 +574,7 @@ INIT_PZVAL(*rval); ZVAL_STRINGL(*rval, str, len, 1); + ++(BG(unserialize).num_vars); return 1; } + ++(BG(unserialize).num_vars); return 1; } @@ -590,6 +604,7 @@ INIT_PZVAL(*rval); ZVAL_STRINGL(*rval, str, len, 0); return object_common2(UNSERIALIZE_PASSTHRU, elements); } Index: trunk/ext/json/json.c =================================================================== =================================================================== --- trunk/ext/json/json.c (revision 321767) +++ trunk/ext/json/json.c (working copy) @@ -99,6 +99,7 @@ REGISTER_LONG_CONSTANT("JSON_ERROR_NONE", PHP_JSON_ERROR_NONE, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("JSON_ERROR_DEPTH", PHP_JSON_ERROR_DEPTH, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("JSON_ERROR_MAX_VARS", PHP_JSON_ERROR_MAX_VARS, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("JSON_ERROR_STATE_MISMATCH", PHP_JSON_ERROR_STATE_MISMATCH, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("JSON_ERROR_CTRL_CHAR", PHP_JSON_ERROR_CTRL_CHAR, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("JSON_ERROR_SYNTAX", PHP_JSON_ERROR_SYNTAX, CONST_CS | CONST_PERSISTENT); @@ -602,7 +603,7 @@ } /* }}} */ } /* }}} */ -PHP_JSON_API void php_json_decode_ex(zval *return_value, char *str, int str_len, int options, long depth TSRMLS_DC) /* {{{ */ +PHP_JSON_API void php_json_decode_ex(zval *return_value, char *str, int str_len, int options, long depth, long max_vars TSRMLS_DC) /* {{{ */ { int utf16_len; - jp = new_JSON_parser(depth); + jp = new_JSON_parser(depth, max_vars); if (parse_JSON_ex(jp, z, utf16, utf16_len, options TSRMLS_CC)) { *return_value = *z; } } 
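Review bot: `php_json_decode_ex()` is exported with PHP_JSON_API, and the `@@ -602,7 +603,7 @@` hunk in json.c inserts `long max_vars` into its parameter list, so any extension outside this tree that calls it would stop compiling against the patched headers. Keeping the existing signature as a thin wrapper that forwards `PG(max_input_vars)`, and exposing the limit through a separate entry point, would avoid that break; no such shim is visible on this page, though a header change may sit outside the visible hunks. Only part of the function body is shown here.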
@@ -671,7 +672,6 @@ } /* }}} */ zend_bool assoc = 0; /* return JS objects as PHP objects by default */ long depth = JSON_PARSER_DEFAULT_DEPTH; long options = 0; + long max_vars = PG(max_input_vars); - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|bll", &str, &str_len, &assoc, &depth, &options) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|blll", &str, &str_len, &assoc, &depth, &max_vars, &options) == FAILURE) { return; } Line 706 (now 644), was 53 lines, now 8 lines +$x = json_decode($json, false, 512, 1000, JSON_BIGINT_AS_STRING); var_dump($x->largenum); echo "Done\n"; ?> Index: trunk/ext/json/tests/max_input_vars.phpt =================================================================== --- trunk/ext/json/tests/max_input_vars.phpt (revision 0) +++ trunk/ext/json/tests/max_input_vars.phpt (revision 0) 
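Review bot: The format string `"s|blll"` in json_decode() binds the new `max_vars` as the fourth argument, ahead of `options`, so an existing four-argument call that passes a flag such as `JSON_BIGINT_AS_STRING` would silently have its bitmask taken as the variable limit and run with `options = 0`. Appending the parameter instead keeps current callers working: `"s|blll", &str, &str_len, &assoc, &depth, &options, &max_vars`. Separately, defaulting to `PG(max_input_vars)` means any document with more elements than the request-input limit fails to decode unless the caller passes a limit, which deserves a sentence in the function's documentation. The function starts and ends outside this hunk.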
@@ -0,0 +1,40 @@
+--TEST--
+json_decode() with max_input_vars
+--SKIPIF--
+<?php if (!extension_loaded("json")) print "skip"; ?>
+--FILE--
+<?php
+
+$a = array(1,2,3,4); //an array, and 1,2,3,4 total 5 elements
+$str = json_encode($a);
+
+print_r(json_decode($str, false, 512, 4));
+var_dump(json_last_error() == JSON_ERROR_MAX_VARS);
+print_r(json_decode($str, false, 512, 5));
+
+$a = array(1,array(1),3); //an array, 1, an array, 1, 3 total 5 elements
+$str = json_encode($a);
+print_r(json_decode($str, true, 512, 4));
+var_dump(json_last_error() == JSON_ERROR_MAX_VARS);
+print_r(json_decode($str, true, 512, 5));
+?>
+--EXPECT--
+bool(true)
+Array
+(
+ [0] => 1
+ [1] => 2
+ [2] => 3
+ [3] => 4
+)
+bool(true)
+Array
+(
+ [0] => 1
+ [1] => Array
+ (
+ [0] => 1
+ )
+
+ [2] => 3
+)
Index: trunk/ext/json/tests/json_decode_error.phpt
===================================================================
--- trunk/ext/json/tests/json_decode_error.phpt (revision 321767)
+++ trunk/ext/json/tests/json_decode_error.phpt (working copy)
Line 1139 (now 1032), was 70 lines, now 8 lines -Warning: unserialize() expects exactly 1 parameter, 2 given in %s on line 21 +Notice: unserialize(): Error at offset 0 of 1 bytes in %sserialization_error_001.php on line %d bool(false) Done
Index: branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt
===================================================================
--- branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt (revision 0)
+++ branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt (revision 0)
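Review bot: max_input_vars.phpt always passes the limit explicitly, so the default that json_decode() takes from `PG(max_input_vars)`, which is the path every existing caller would hit, has no coverage. An `--INI--` section setting `max_input_vars` to a small value, plus one call without the fourth argument, would cover it. The test also only shows the error being set; asserting `json_last_error() === JSON_ERROR_NONE` after each successful decode would confirm that it is cleared again.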
@@ -0,0 +1,57 @@
+--TEST--
+Test unserialize() functions with max_input_vars
+--FILE--
+<?php
+$str = serialize(array(1,2,3)); // there will be 4 items, array, and 1, 2, 3
+
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 4));
+
+$str = serialize(array(array(),array(2,3))); // there will be 5 items, array, and array, array, 2, 3
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 5));
+
+$obj = (object)(array(array(),array(2,3)));
+$str = serialize($obj);
+
+print_r(unserialize($str, 3));
+print_r(unserialize($str, 5));
+?>
+--EXPECTF--
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+Array
+(
+ [0] => 1
+ [1] => 2
+ [2] => 3
+)
+
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+Array
+(
+ [0] => Array
+ (
+ )
+
+ [1] => Array
+ (
+ [0] => 2
+ [1] => 3
+ )
+
+)
+
+Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
+stdClass Object
+(
+ [0] => Array
+ (
+ )
+
+ [1] => Array
+ (
+ [0] => 2
+ [1] => 3
+ )
+
+)
Index: branches/PHP_5_4/ext/standard/var_unserializer.c
===================================================================
--- branches/PHP_5_4/ext/standard/var_unserializer.c (revision 321767)
+++ branches/PHP_5_4/ext/standard/var_unserializer.c (working copy) |