unserialize no longer complaints about unserializing empty-strings (started that...

diff --git a/ext/standard/var.c b/ext/standard/var.c
index 1f087e10e3913497fbbba8d87f2a1cf1baa091f9..5d7301f092dcf6ec5a4390b9437f88cb39f6388b 100644 (file)
--- a/ext/standard/var.c
+++ b/ext/standard/var.c
@@ -347,11 +347,12 @@ int php_var_unserialize(pval **rval, const char **p, const char *max)
                                return 0;
                        }
                        (*p) += 2;
-                       str = emalloc(i + 1);
-                       if (i > 0) {
-                               memcpy(str, *p, i);
+
+                       if (i == 0) {
+                               str = empty_string;
+                       } else  {
+                               str = estrndup(*p,i);
                        }
-                       str[i] = 0;
                        (*p) += i + 2;
                        (*rval)->type = IS_STRING;
                        (*rval)->value.str.val = str;
@@ -489,14 +490,16 @@ PHP_FUNCTION(unserialize)
        if (ARG_COUNT(ht) != 1 || getParametersEx(1, &buf) == FAILURE) {
                WRONG_PARAM_COUNT;
        }
+
        if ((*buf)->type == IS_STRING) {
                const char *p = (*buf)->value.str.val;
-               const char *q;
 
-               q = p;
+               if ((*buf)->value.str.len == 0) {
+                       RETURN_FALSE;
+               }
 
                if (!php_var_unserialize(&return_value, &p, p + (*buf)->value.str.len)) {
-                       php_error(E_NOTICE, "unserialize() failed at offset %d",p-q);
+                       php_error(E_NOTICE, "unserialize() failed at offset %d of %d bytes",p-(*buf)->value.str.val,(*buf)->value.str.len);
                        RETURN_FALSE;
                }
        } else {