Do not allow more than 65500 references

author Stefan Esser <sesser@php.net>

Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)

committer Stefan Esser <sesser@php.net>

Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)
author Stefan Esser <sesser@php.net>
Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)
committer Stefan Esser <sesser@php.net>
Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)
diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re

index b95abaab631f25153ab05b0f095afef8b55b2bce..1acf64aec25a54e2aeec61f8690ffaa8dc7aa9cc 100644 (file)
--- a/ext/standard/var_unserializer.re
+++ b/ext/standard/var_unserializer.re
@@ -353,6 +353,10 @@ PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
         if (id == -1 || var_access(var_hash, id, &rval_ref) != SUCCESS) {
                 return 0;
         }
+       
+       if ((*rval_ref)->refcount > 65500) {
+               return 0;
+       }
  
         if (*rval != NULL) {
         zval_ptr_dtor(rval);
@@ -377,6 +381,10 @@ PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
         
         if (*rval == *rval_ref) return 0;
  
+       if ((*rval_ref)->refcount > 65500) {
+               return 0;
+       }
+
         if (*rval != NULL) {
         zval_ptr_dtor(rval);
         }
author	Stefan Esser <sesser@php.net>
	Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)
committer	Stefan Esser <sesser@php.net>
	Fri, 27 Oct 2006 08:33:55 +0000 (08:33 +0000)