Commit: f2bffdc2e48174e38a059d425953e8b1c08dd4bf Author: Antony Dovgal <tony2...@php.net> Fri, 26 Oct 2012 16:36:47 +0400 Parents: 4f4d77805c6afdddce0c8184ee6b1dddab7da6a7 Branches: PHP-5.4
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f2bffdc2e48174e38a059d425953e8b1c08dd4bf Log: fix bug #63369 (un)serialize() leaves dangling pointers, causes crashes Bugs: https://bugs.php.net/63369 Changed paths: M NEWS M ext/standard/basic_functions.c Diff: diff --git a/NEWS b/NEWS index 10694f6..c846798 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,8 @@ PHP NEWS - Core: . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence) + . Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes). + (Tony, Andrew Sitnikov) - Curl: . Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST). diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 72f1dc3..0f60b71 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -3684,6 +3684,11 @@ PHP_MSHUTDOWN_FUNCTION(basic) /* {{{ */ PHP_RINIT_FUNCTION(basic) /* {{{ */ { memset(BG(strtok_table), 0, 256); + + BG(serialize_lock) = 0; + memset(&BG(serialize), 0, sizeof(BG(serialize))); + memset(&BG(unserialize), 0, sizeof(BG(unserialize))); + BG(strtok_string) = NULL; BG(strtok_zval) = NULL; BG(strtok_last) = NULL; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php