Patch Fix-add-exception-checking for Reproducible crash Bug #62852

Patch version 2012-09-16 02:18 UTC

• 2012-09-16 02:18 UTC [diff to current]

Developer: reeze@php.net

From 8dd599de1dd8847b4031cbfee466abbde65a7016 Mon Sep 17 00:00:00 2001
From: Reeze Xia <reeze@php.net>
Date: Sun, 16 Sep 2012 10:09:55 +0800
Subject: [PATCH] Fixed bug #62852 (Unserialize invalid DateTime causes crash)


Signed-off-by: Reeze Xia <reeze@php.net>
---
 ext/date/php_date.c |   19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/ext/date/php_date.c b/ext/date/php_date.c
index e8a4570..e9a7270 100644
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
@@ -2544,6 +2544,9 @@ static int php_date_initialize_from_hash(zval **return_value, php_date_obj **dat
 		if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
 			convert_to_long(*z_timezone_type);
 			if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
+				zend_error_handling error_handling;
+
+				zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC);
 				convert_to_string(*z_timezone);
 
 				switch (Z_LVAL_PP(z_timezone_type)) {
@@ -2551,9 +2554,9 @@ static int php_date_initialize_from_hash(zval **return_value, php_date_obj **dat
 					case TIMELIB_ZONETYPE_ABBR: {
 						char *tmp = emalloc(Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 2);
 						snprintf(tmp, Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 2, "%s %s", Z_STRVAL_PP(z_date), Z_STRVAL_PP(z_timezone));
-						php_date_initialize(*dateobj, tmp, Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 1, NULL, NULL, 0 TSRMLS_CC);
+						php_date_initialize(*dateobj, tmp, Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 1, NULL, NULL, 1 TSRMLS_CC);
 						efree(tmp);
-						return 1;
+						break;
 					}
 
 					case TIMELIB_ZONETYPE_ID:
@@ -2567,10 +2570,18 @@ static int php_date_initialize_from_hash(zval **return_value, php_date_obj **dat
 						tzobj->tzi.tz = tzi;
 						tzobj->initialized = 1;
 
-						php_date_initialize(*dateobj, Z_STRVAL_PP(z_date), Z_STRLEN_PP(z_date), NULL, tmp_obj, 0 TSRMLS_CC);
+						php_date_initialize(*dateobj, Z_STRVAL_PP(z_date), Z_STRLEN_PP(z_date), NULL, tmp_obj, 1 TSRMLS_CC);
 						zval_ptr_dtor(&tmp_obj);
-						return 1;
+						break;
+					default:
+						zend_restore_error_handling(&error_handling TSRMLS_CC);
+						return 0;
+				}
+				zend_restore_error_handling(&error_handling TSRMLS_CC);
+				if (EG(exception)) {
+					(*dateobj)->time = NULL;
 				}
+				return 1;
 			}
 		}
 	}
-- 
1.7.9.6 (Apple Git-31.1)