php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #60655
Patch rand_hash_resize.patch revision 2012-01-05 08:09 UTC by laruence@php.net
Patch max_input_vars.patch revision 2012-01-05 05:04 UTC by laruence@php.net
revision 2012-01-05 05:03 UTC by laruence@php.net
revision 2012-01-05 05:02 UTC by laruence@php.net
revision 2012-01-05 04:17 UTC by laruence@php.net
revision 2012-01-05 04:08 UTC by laruence@php.net

Patch max_input_vars.patch for *General Issues Bug #60655

Patch version 2012-01-05 04:08 UTC

Return to Bug #60655 | Download this patch
This patch is obsolete

Obsoleted by patches:

Patch Revisions: 2012-01-05 05:04 UTC | 2012-01-05 05:03 UTC | 2012-01-05 05:02 UTC | 2012-01-05 04:17 UTC | 2012-01-05 04:08 UTC

Developer: laruence@php.net

Line 34 (now 34), was 70 lines, now 8 lines

  -Warning: unserialize() expects exactly 1 parameter, 2 given in %s on line 21
  +Notice: unserialize(): Error at offset 0 of 1 bytes in %sserialization_error_001.php on line %d
   bool(false)
   Done
 Index: trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt
 ===================================================================
 --- trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt	(revision 0)
 +++ trunk/ext/standard/tests/serialize/unserialize_max_vars.phpt	(revision 0)
 @@ -0,0 +1,57 @@
 +--TEST--
 +Test unserialize() functions with max_input_vars
 +--FILE--
 +<?php
 +$str = serialize(array(1,2,3)); // there will be 4 items, array, and 1, 2, 3
 +
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 4));
 +
 +$str = serialize(array(array(),array(2,3))); // there will be 5 items, array, and array, array, 2, 3
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 5));
 +
 +$obj = (object)(array(array(),array(2,3)));
 +$str = serialize($obj);
 +
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 5));
 +?>
 +--EXPECTF--
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +Array
 +(
 +    [0] => 1
 +    [1] => 2
 +    [2] => 3
 +)
 +
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +Array
 +(
 +    [0] => Array
 +        (
 +        )
 +
 +    [1] => Array
 +        (
 +            [0] => 2
 +            [1] => 3
 +        )
 +
 +)
 +
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +stdClass Object
 +(
 +    [0] => Array
 +        (
 +        )
 +
 +    [1] => Array
 +        (
 +            [0] => 2
 +            [1] => 3
 +        )
 +
 +)
  Index: trunk/ext/standard/var_unserializer.c
  ===================================================================
  --- trunk/ext/standard/var_unserializer.c	(revision 321767)
  +++ trunk/ext/standard/var_unserializer.c	(working copy)


   			FREE_ZVAL(key);
   			return 0;
   		}
  +        --(BG(unserialize).num_vars);
  
  
   		if (Z_TYPE_P(key) != IS_LONG && Z_TYPE_P(key) != IS_STRING) {
   			zval_dtor(key);
  @@ -297,12 +298,14 @@
   			switch (Z_TYPE_P(key)) {


  +    }
   	
   	if (var_hash && cursor[0] != 'R') {
   		var_push(var_hash, rval);
  	}
  
  	}
  
   	start = cursor;
  -
   	
  -	


   	if (yych != '"') goto yy18;
   	++YYCURSOR;
  -#line 616 "ext/standard/var_unserializer.re"
  +#line 632 "ext/standard/var_unserializer.re"
  	{
  
  	INIT_PZVAL(*rval);
  	
 +    ++(BG(unserialize).num_vars);
  	{
  
  	INIT_PZVAL(*rval);
  	
 +    ++(BG(unserialize).num_vars);
   	return object_common2(UNSERIALIZE_PASSTHRU,
   			object_common1(UNSERIALIZE_PASSTHRU, ZEND_STANDARD_CLASS_DEF_PTR));
   }
  -#line 716 "ext/standard/var_unserializer.c"


  @@ -561,6 +574,7 @@
   
   	INIT_PZVAL(*rval);
   	ZVAL_STRINGL(*rval, str, len, 1);
 +    ++(BG(unserialize).num_vars);
  	return 1;
  }
  
 +    ++(BG(unserialize).num_vars);
  	return 1;
  }
  
  @@ -590,6 +604,7 @@
   
   	INIT_PZVAL(*rval);
   	ZVAL_STRINGL(*rval, str, len, 0);


   	return object_common2(UNSERIALIZE_PASSTHRU, elements);
   }
   
  Index: trunk/ext/json/json.c
 ===================================================================
 ===================================================================
  --- trunk/ext/json/json.c	(revision 321767)
  +++ trunk/ext/json/json.c	(working copy)
  @@ -99,6 +99,7 @@
  
  
   	REGISTER_LONG_CONSTANT("JSON_ERROR_NONE", PHP_JSON_ERROR_NONE, CONST_CS | CONST_PERSISTENT);
   	REGISTER_LONG_CONSTANT("JSON_ERROR_DEPTH", PHP_JSON_ERROR_DEPTH, CONST_CS | CONST_PERSISTENT);
  +	REGISTER_LONG_CONSTANT("JSON_ERROR_MAX_VARS", PHP_JSON_ERROR_MAX_VARS, CONST_CS | CONST_PERSISTENT);
   	REGISTER_LONG_CONSTANT("JSON_ERROR_STATE_MISMATCH", PHP_JSON_ERROR_STATE_MISMATCH, CONST_CS | CONST_PERSISTENT);
   	REGISTER_LONG_CONSTANT("JSON_ERROR_CTRL_CHAR", PHP_JSON_ERROR_CTRL_CHAR, CONST_CS | CONST_PERSISTENT);
   	REGISTER_LONG_CONSTANT("JSON_ERROR_SYNTAX", PHP_JSON_ERROR_SYNTAX, CONST_CS | CONST_PERSISTENT);
  @@ -602,7 +603,7 @@
  }
  /* }}} */
  
  }
  /* }}} */
  
  -PHP_JSON_API void php_json_decode_ex(zval *return_value, char *str, int str_len, int options, long depth TSRMLS_DC) /* {{{ */
  +PHP_JSON_API void php_json_decode_ex(zval *return_value, char *str, int str_len, int options, long depth, long max_vars TSRMLS_DC) /* {{{ */
   {
   	int utf16_len;


  -	jp = new_JSON_parser(depth);
  +	jp = new_JSON_parser(depth, max_vars);
   	if (parse_JSON_ex(jp, z, utf16, utf16_len, options TSRMLS_CC)) {
   		*return_value = *z;
  	}
  	}
  @@ -671,7 +672,6 @@
   }
   /* }}} */
   


   	zend_bool assoc = 0; /* return JS objects as PHP objects by default */
   	long depth = JSON_PARSER_DEFAULT_DEPTH;
   	long options = 0;
  +	long max_vars = PG(max_input_vars);
  
  
  -	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|bll", &str, &str_len, &assoc, &depth, &options) == FAILURE) {
  +	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|blll", &str, &str_len, &assoc, &depth, &max_vars, &options) == FAILURE) {
   		return;
   	}
Line 706 (now 644), was 53 lines, now 8 lines

  +$x = json_decode($json, false, 512, 1000, JSON_BIGINT_AS_STRING);
   var_dump($x->largenum);
   echo "Done\n";
   ?>
 Index: trunk/ext/json/tests/max_input_vars.phpt
 ===================================================================
 --- trunk/ext/json/tests/max_input_vars.phpt	(revision 0)
 +++ trunk/ext/json/tests/max_input_vars.phpt	(revision 0)
 @@ -0,0 +1,40 @@
 +--TEST--
 +json_decode() with max_input_vars
 +--SKIPIF--
 +<?php if (!extension_loaded("json")) print "skip"; ?>
 +--FILE--
 +<?php
 +
 +$a = array(1,2,3,4); //an array, and 1,2,3,4 total 5 elements
 +$str = json_encode($a);
 +
 +print_r(json_decode($str, false, 512, 4));
 +var_dump(json_last_error() == JSON_ERROR_MAX_VARS);
 +print_r(json_decode($str, false, 512, 5));
 +
 +$a = array(1,array(1),3); //an array, 1, an array, 1, 3 total 5 elements
 +$str = json_encode($a);
 +print_r(json_decode($str, true, 512, 4));
 +var_dump(json_last_error() == JSON_ERROR_MAX_VARS);
 +print_r(json_decode($str, true, 512, 5));
 +?>
 +--EXPECT--
 +bool(true)
 +Array
 +(
 +    [0] => 1
 +    [1] => 2
 +    [2] => 3
 +    [3] => 4
 +)
 +bool(true)
 +Array
 +(
 +    [0] => 1
 +    [1] => Array
 +        (
 +            [0] => 1
 +        )
 +
 +    [2] => 3
 +)
  Index: trunk/ext/json/tests/json_decode_error.phpt
  ===================================================================
  --- trunk/ext/json/tests/json_decode_error.phpt	(revision 321767)
  +++ trunk/ext/json/tests/json_decode_error.phpt	(working copy)
Line 1139 (now 1032), was 70 lines, now 8 lines

  -Warning: unserialize() expects exactly 1 parameter, 2 given in %s on line 21
  +Notice: unserialize(): Error at offset 0 of 1 bytes in %sserialization_error_001.php on line %d
   bool(false)
   Done
 Index: branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt
 ===================================================================
 --- branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt	(revision 0)
 +++ branches/PHP_5_4/ext/standard/tests/serialize/unserialize_max_vars.phpt	(revision 0)
 @@ -0,0 +1,57 @@
 +--TEST--
 +Test unserialize() functions with max_input_vars
 +--FILE--
 +<?php
 +$str = serialize(array(1,2,3)); // there will be 4 items, array, and 1, 2, 3
 +
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 4));
 +
 +$str = serialize(array(array(),array(2,3))); // there will be 5 items, array, and array, array, 2, 3
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 5));
 +
 +$obj = (object)(array(array(),array(2,3)));
 +$str = serialize($obj);
 +
 +print_r(unserialize($str, 3));
 +print_r(unserialize($str, 5));
 +?>
 +--EXPECTF--
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +Array
 +(
 +    [0] => 1
 +    [1] => 2
 +    [2] => 3
 +)
 +
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +Array
 +(
 +    [0] => Array
 +        (
 +        )
 +
 +    [1] => Array
 +        (
 +            [0] => 2
 +            [1] => 3
 +        )
 +
 +)
 +
 +Warning: unserialize(): Unserialized variables exceeded 3 in %sunserialize_max_vars.php on line %d
 +stdClass Object
 +(
 +    [0] => Array
 +        (
 +        )
 +
 +    [1] => Array
 +        (
 +            [0] => 2
 +            [1] => 3
 +        )
 +
 +)
  Index: branches/PHP_5_4/ext/standard/var_unserializer.c
  ===================================================================
  --- branches/PHP_5_4/ext/standard/var_unserializer.c	(revision 321767)
  +++ branches/PHP_5_4/ext/standard/var_unserializer.c	(working copy)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 31 23:01:28 2024 UTC