From: Antony Dovgal <tony2001@php.net>
Date: Tue, 16 Sep 2008 14:36:10 +0000 (+0000)
Subject: fix segfault with serialize(new __PHP_Incomplete_Class) found by Felipe
X-Git-Tag: BEFORE_HEAD_NS_CHANGE~371
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=22802419ba30994c3eddad72a2f8ee982be6c494;p=php

fix segfault with serialize(new __PHP_Incomplete_Class) found by Felipe
add test
---

diff --git a/ext/standard/php_incomplete_class.h b/ext/standard/php_incomplete_class.h
index 8614106709..eb4367d0d8 100644
--- a/ext/standard/php_incomplete_class.h
+++ b/ext/standard/php_incomplete_class.h
@@ -31,6 +31,14 @@
 	if (Z_OBJ_HT_P(struc)->get_class_entry && \
             Z_OBJCE_P(struc) == BG(incomplete_class)) {	\
 		class_name = php_lookup_class_name(struc, &name_len); \
+		if (!class_name.v) { \
+			name_len = sizeof(INCOMPLETE_CLASS) - 1; \
+			if (UG(unicode)) { \
+				class_name.u = USTR_MAKE(INCOMPLETE_CLASS); \
+			} else { \
+				class_name.s = estrndup(INCOMPLETE_CLASS, name_len); \
+			} \
+		} \
 		free_class_name = 1; \
 		incomplete_class = 1; \
 	} else { \
diff --git a/ext/standard/tests/serialize/incomplete_class.phpt b/ext/standard/tests/serialize/incomplete_class.phpt
new file mode 100644
index 0000000000..8280485516
--- /dev/null
+++ b/ext/standard/tests/serialize/incomplete_class.phpt
@@ -0,0 +1,27 @@
+--TEST--
+(un)serializing __PHP_Incomplete_Class instance
+--FILE--
+<?php
+
+$d = serialize(new __PHP_Incomplete_Class);
+$o = unserialize($d);
+var_dump($o);
+
+$o->test = "a";
+var_dump($o->test);
+var_dump($o->test2);
+
+echo "Done\n";
+?>
+--EXPECTF--	
+object(__PHP_Incomplete_Class)#%d (0) {
+}
+
+Notice: main(): The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition "unknown" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition  in %s on line %d
+
+Notice: main(): The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition "unknown" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition  in %s on line %d
+NULL
+
+Notice: main(): The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition "unknown" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide a __autoload() function to load the class definition  in %s on line %d
+NULL
+Done