Hello Stefan, good catch :-)
Wednesday, December 1, 2004, 11:42:00 PM, you wrote: > sesser Wed Dec 1 17:42:00 2004 EDT > Modified files: > /php-src/ext/standard var_unserializer.c var_unserializer.re > Log: > Beware of negative indices > http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.c?r1=1.44&r2=1.45&ty=u > Index: php-src/ext/standard/var_unserializer.c > diff -u php-src/ext/standard/var_unserializer.c:1.44 > php-src/ext/standard/var_unserializer.c:1.45 > --- php-src/ext/standard/var_unserializer.c:1.44 Sun Sep 26 17:49:16 > 2004 > +++ php-src/ext/standard/var_unserializer.c Wed Dec 1 17:42:00 2004 > @@ -18,7 +18,7 @@ > > +----------------------------------------------------------------------+ > */ > -/* $Id: var_unserializer.c,v 1.44 2004/09/26 21:49:16 helly Exp $ */ > +/* $Id: var_unserializer.c,v 1.45 2004/12/01 22:42:00 sesser Exp $ */ > #include "php.h" > #include "ext/standard/php_var.h" > @@ -83,7 +83,7 @@ > if (!var_hash) return !SUCCESS; > - if (id >= var_hash->used_slots) return !SUCCESS; > + if (id < 0 || id >= var_hash->used_slots) return !SUCCESS; > *store = &var_hash->data[id]; > http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.re?r1=1.33&r2=1.34&ty=u > Index: php-src/ext/standard/var_unserializer.re > diff -u php-src/ext/standard/var_unserializer.re:1.33 > php-src/ext/standard/var_unserializer.re:1.34 > --- php-src/ext/standard/var_unserializer.re:1.33 Sun Sep 26 17:47:27 > 2004 > +++ php-src/ext/standard/var_unserializer.re Wed Dec 1 17:42:00 2004 > @@ -16,7 +16,7 @@ > > +----------------------------------------------------------------------+ > */ > -/* $Id: var_unserializer.re,v 1.33 2004/09/26 21:47:27 helly Exp $ */ > +/* $Id: var_unserializer.re,v 1.34 2004/12/01 22:42:00 sesser Exp $ */ > #include "php.h" > #include "ext/standard/php_var.h" 
> @@ -81,7 +81,7 @@ > if (!var_hash) return !SUCCESS; > - if (id >= var_hash->used_slots) return !SUCCESS; > + if (id < 0 || id >= var_hash->used_slots) return !SUCCESS; > *store = &var_hash->data[id]; -- Best regards, Marcus mailto:[EMAIL PROTECTED]
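Review bot: In the var_unserializer.c hunk at @@ -83,7 +83,7 @@, the added `id < 0` test only has an effect if `id` is a signed type, and its declaration is outside the hunk's context, so the reader cannot confirm that from the diff. A one-line comment above the check would help, stating that both bounds guard the `var_hash->data[id]` access on the next line and that `id` must stay signed for the lower bound to work. If `id` were ever changed to an unsigned type, the `id < 0` half would silently become dead code while the upper bound would still reject the wrapped value, which is worth noting in that comment too.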
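Review bot: The var_unserializer.re hunk at @@ -81,7 +81,7 @@ carries the same one-line range check as the .c hunk, and the "Modified files" list names only these two files, so the fix arrives without a regression test. Suggest adding a test that drives this lookup with an out-of-range `id` on both sides (below zero and at or above `var_hash->used_slots`) and expects the `!SUCCESS` path, so the lower bound cannot be dropped unnoticed later. The log line "Beware of negative indices" could also say which access is being protected (`var_hash->data[id]`), since that is what a later reader of the history will look for.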