Deny cloning of fileinfo objects
authorNikita Popov <nikita.ppv@gmail.com>
Mon, 26 Oct 2020 15:50:20 +0000 (16:50 +0100)
committerNikita Popov <nikita.ppv@gmail.com>
Mon, 26 Oct 2020 15:50:20 +0000 (16:50 +0100)
Using a cloned finfo object will crash.

ext/fileinfo/fileinfo.c
ext/fileinfo/tests/clone_serialize.phpt [new file with mode: 0644]

index 5565964c20f15ccb89598d6d27035ab2d4d102ef..2cb9f91aeeec4ff502ec10d22fa27229d66c8fa2 100644 (file)
@@ -218,6 +218,7 @@ PHP_MINIT_FUNCTION(finfo)
        memcpy(&finfo_object_handlers, &std_object_handlers, sizeof(zend_object_handlers));
        finfo_object_handlers.offset = XtOffsetOf(finfo_object, zo);
        finfo_object_handlers.free_obj = finfo_objects_free;
+       finfo_object_handlers.clone_obj = NULL;
 
        le_fileinfo = zend_register_list_destructors_ex(finfo_resource_destructor, NULL, "file_info", module_number);
 
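Review bot: Only cloning is denied by the added `finfo_object_handlers.clone_obj = NULL;` line; serialization stays open, and the new test's expected output for `unserialize(serialize($finfo))` shows a round trip still producing a finfo object whose `buffer()` fails with the "invalid fileinfo object" warning. That presumably leaves the safety of such objects resting on every method checking for a missing handle, rather than on the object never existing. If the intent matches the test title, denying it at class registration would be stricter, for example `ce->serialize = zend_class_serialize_deny; ce->unserialize = zend_class_unserialize_deny;`, where `ce` stands for the finfo class entry, which is not visible in this hunk. PHP_MINIT_FUNCTION(finfo) begins and ends outside the hunk, so the registration code should be checked before applying this.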
diff --git a/ext/fileinfo/tests/clone_serialize.phpt b/ext/fileinfo/tests/clone_serialize.phpt
new file mode 100644 (file)
index 0000000..5375526
--- /dev/null
@@ -0,0 +1,27 @@
+--TEST--
+Cloning and serializing finfo is not supported
+--FILE--
+<?php
+
+$finfo = new finfo;
+var_dump($finfo->buffer("Test string"));
+try {
+    $finfo2 = clone $finfo;
+    var_dump($finfo2->buffer("Test string"));
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+try {
+    $finfo3 = unserialize(serialize($finfo));
+    var_dump($finfo3->buffer("Test string"));
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECTF--
+string(%d) "%s"
+Trying to clone an uncloneable object of class finfo
+
+Warning: finfo::buffer(): The invalid fileinfo object. in %s on line %d
+bool(false)
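Review bot: The new test has no `--SKIPIF--` section, so on a build without the fileinfo extension it would fail at `new finfo` instead of being skipped. Adding `--SKIPIF--` followed by `<?php if (!extension_loaded('fileinfo')) die('skip fileinfo extension not available'); ?>` after the test description would cover that. According to the expected output, the second `catch (Error $e)` is never reached, because the unserialize case ends in a warning and `bool(false)` rather than an exception. A one-line comment such as `// unserialize() succeeds; the resulting object is unusable and buffer() only warns` would make that pinned behaviour explicit to the next reader.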