From b84277297ae18f11055a5731a881a347df8d76b9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Thu, 5 Mar 2020 14:57:27 +0100 Subject: [PATCH] Fix #75673: SplStack::unserialize() behavior Even though `SplStack::unserialize()` is not supposed to be called on an already constructed instance, it is probably better if the method clears the stack before actually unserializing. --- NEWS | 3 +++ ext/spl/spl_dllist.c | 6 ++++++ ext/spl/tests/bug75673.phpt | 19 +++++++++++++++++++ 3 files changed, 28 insertions(+) create mode 100644 ext/spl/tests/bug75673.phpt diff --git a/NEWS b/NEWS index 8f89531714..f3750061e1 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 7.3.17 +- Spl: + . Fixed bug #75673 (SplStack::unserialize() behavior). (cmb) + 19 Mar 2020, PHP 7.3.16 - Core: diff --git a/ext/spl/spl_dllist.c b/ext/spl/spl_dllist.c index ba9488abfc..9919b1aa63 100644 --- a/ext/spl/spl_dllist.c +++ b/ext/spl/spl_dllist.c @@ -1185,6 +1185,12 @@ SPL_METHOD(SplDoublyLinkedList, unserialize) return; } + while (intern->llist->count > 0) { + zval tmp; + spl_ptr_llist_pop(intern->llist, &tmp); + zval_ptr_dtor(&tmp); + } + s = p = (const unsigned char*)buf; PHP_VAR_UNSERIALIZE_INIT(var_hash); diff --git a/ext/spl/tests/bug75673.phpt b/ext/spl/tests/bug75673.phpt new file mode 100644 index 0000000000..76fe3745fb --- /dev/null +++ b/ext/spl/tests/bug75673.phpt @@ -0,0 +1,19 @@ +--TEST-- +Bug #75673 (SplStack::unserialize() behavior) +--FILE-- +push("one"); +$stack->push("two"); + +$serialized = $stack->serialize(); +var_dump($stack->count()); +$stack->unserialize($serialized); +var_dump($stack->count()); +$stack->unserialize($serialized); +var_dump($stack->count()); +?> +--EXPECT-- +int(2) +int(2) +int(2) -- 2.40.0