. Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
(Valentin V. Bartenev)
+- COM:
+ . Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb)
+
- Sockets:
. Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
(Mizunashi Mana)
#include "php_com_dotnet.h"
#include "php_com_dotnet_internal.h"
#include "Zend/zend_exceptions.h"
+#include "Zend/zend_interfaces.h"
ZEND_DECLARE_MODULE_GLOBALS(com_dotnet)
static PHP_GINIT_FUNCTION(com_dotnet);
{
zend_class_entry ce, *tmp;
+ zend_hash_init(&com_dotnet_object_properties, 0, NULL, NULL, 0);
+
php_com_wrapper_minit(INIT_FUNC_ARGS_PASSTHRU);
php_com_persist_minit(INIT_FUNC_ARGS_PASSTHRU);
ce.create_object = php_com_object_new;
php_com_variant_class_entry = zend_register_internal_class(&ce);
php_com_variant_class_entry->get_iterator = php_com_iter_get;
+ php_com_variant_class_entry->serialize = zend_class_serialize_deny;
+ php_com_variant_class_entry->unserialize = zend_class_unserialize_deny;
INIT_CLASS_ENTRY(ce, "com", NULL);
ce.create_object = php_com_object_new;
tmp = zend_register_internal_class_ex(&ce, php_com_variant_class_entry);
tmp->get_iterator = php_com_iter_get;
+ tmp->serialize = zend_class_serialize_deny;
+ tmp->unserialize = zend_class_unserialize_deny;
zend_ts_hash_init(&php_com_typelibraries, 0, NULL, php_com_typelibrary_dtor, 1);
ce.create_object = php_com_object_new;
tmp = zend_register_internal_class_ex(&ce, php_com_variant_class_entry);
tmp->get_iterator = php_com_iter_get;
+ tmp->serialize = zend_class_serialize_deny;
+ tmp->unserialize = zend_class_unserialize_deny;
#endif
REGISTER_INI_ENTRIES();
#include "php_com_dotnet_internal.h"
#include "Zend/zend_exceptions.h"
+const HashTable com_dotnet_object_properties;
+
static zval *com_property_read(zval *object, zval *member, int type, void **cahce_slot, zval *rv)
{
php_com_dotnet_object *obj;
* infinite recursion when the hash is displayed via var_dump().
* Perhaps it is best to leave it un-implemented.
*/
- return NULL;
+ return &com_dotnet_object_properties;
}
static void function_dtor(zval *zv)
#include "zend_ts_hash.h"
+extern const HashTable com_dotnet_object_properties;
+
typedef struct _php_com_dotnet_object {
zend_object zo;
--- /dev/null
+--TEST--
+Bug #77177 (Serializing or unserializing COM objects crashes)
+--SKIPIF--
+<?php
+if (!extension_loaded('com_dotnet')) die('skip com_dotnet extension not available');
+?>
+--FILE--
+<?php
+$com = new COM("WScript.Shell");
+$dotnet = new DOTNET("mscorlib", "System.Collections.Stack");
+$variant = new VARIANT;
+foreach ([$com, $dotnet, $variant] as $object) {
+ try {
+ serialize($object);
+ } catch (Exception $ex) {
+ echo "Exception: {$ex->getMessage()}\n";
+ }
+}
+
+$strings = ['C:3:"com":0:{}', 'C:6:"dotnet":0:{}', 'C:7:"variant":0:{}'];
+foreach ($strings as $string) {
+ try {
+ unserialize($string);
+ } catch (Exception $ex) {
+ echo "Exception: {$ex->getMessage()}\n";
+ }
+}
+
+$strings = ['O:3:"com":0:{}', 'O:6:"dotnet":0:{}', 'O:7:"variant":0:{}'];
+foreach ($strings as $string) {
+ var_dump(unserialize($string));
+}
+?>
+===DONE===
+--EXPECTF--
+Exception: Serialization of 'com' is not allowed
+Exception: Serialization of 'dotnet' is not allowed
+Exception: Serialization of 'variant' is not allowed
+Exception: Unserialization of 'com' is not allowed
+Exception: Unserialization of 'dotnet' is not allowed
+Exception: Unserialization of 'variant' is not allowed
+
+Warning: Erroneous data format for unserializing 'com' in %s on line %d
+
+Notice: unserialize(): Error at offset 13 of 14 bytes in %s on line %d
+bool(false)
+
+Warning: Erroneous data format for unserializing 'dotnet' in %s on line %d
+
+Notice: unserialize(): Error at offset 16 of 17 bytes in %s on line %d
+bool(false)
+
+Warning: Erroneous data format for unserializing 'variant' in %s on line %d
+
+Notice: unserialize(): Error at offset 17 of 18 bytes in %s on line %d
+bool(false)
+===DONE===
projects / php / commitdiff