|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
Patch fix-5.5 for *General Issues Bug #68089Patch version 2014-09-29 00:54 UTC Return to Bug #68089 | Download this patchThis patch is obsolete Obsoleted by patches: Patch Revisions:Developer: stas@php.net
commit 1574ee88ad62978089ac3c251ba8917a4cbf97dd
Author: Stanislav Malyshev <stas@php.net>
Date: Sun Sep 28 17:53:49 2014 -0700
Fix bug #68089 - do not accept options with embedded \0
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index 765918c..ac5e20f 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -169,6 +169,11 @@ static int php_curl_option_str(php_curl *ch, long option, const char *str, const
{
CURLcode error = CURLE_OK;
+ if (strlen(str) != len) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option %ld contains invalid characters (\\0)", option);
+ return FAILURE;
+ }
+
#if LIBCURL_VERSION_NUM >= 0x071100
if (make_copy) {
#endif
diff --git a/ext/standard/var.c b/ext/standard/var.c
index d05f055..5bf8e08 100644
--- a/ext/standard/var.c
+++ b/ext/standard/var.c
@@ -951,6 +951,7 @@ PHP_FUNCTION(unserialize)
int buf_len;
const unsigned char *p;
php_unserialize_data_t var_hash;
+ zval *return_value_old = return_value;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &buf, &buf_len) == FAILURE) {
RETURN_FALSE;
@@ -970,6 +971,10 @@ PHP_FUNCTION(unserialize)
}
RETURN_FALSE;
}
+ if(return_value != return_value_old) {
+ *return_value_old = *return_value;
+ Z_ADDREF_P(return_value_old);
+ }
PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
}
/* }}} */
|
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 21 12:01:29 2024 UTC |