diff options
| author | Stanislav Malyshev <stas@php.net> | 2014-04-13 15:55:24 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2014-04-13 15:55:45 -0700 |
| commit | d3c4292db7b905b7ff4f2d95ab2ecf0337a78ccc (patch) | |
| tree | 1e741967285e5d87c4199b75a3cf768b5dc1c98f | |
| parent | 1be29a404aaba3a473d9cb7fa4b4c4cf63f6acee (diff) | |
| parent | 733b09442d40ae2803ca1ffd073a74ca4a8ebb07 (diff) | |
| download | php-git-d3c4292db7b905b7ff4f2d95ab2ecf0337a78ccc.tar.gz | |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
Fix bug #66721
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/date/php_date.c | 4 | ||||
| -rw-r--r-- | ext/date/tests/bug66721.phpt | 11 |
3 files changed, 19 insertions, 0 deletions
@@ -14,6 +14,10 @@ PHP NEWS . Fixed bug #67064 (Countable interface prevents using 2nd parameter ($mode) of count() function). (Bob) +- Date: + . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is + supplied). (Boro Sitnikovski) + - mysqlnd: . Added a new fetching mode to mysqlnd. (Andrey) diff --git a/ext/date/php_date.c b/ext/date/php_date.c index 5852bb2ca6..69f990ca51 100644 --- a/ext/date/php_date.c +++ b/ext/date/php_date.c @@ -2814,6 +2814,10 @@ static int php_date_initialize_from_hash(zval **return_value, php_date_obj **dat tzi = php_date_parse_tzfile(Z_STRVAL_PP(z_timezone), DATE_TIMEZONEDB TSRMLS_CC); + if (tzi == NULL) { + return 0; + } + ALLOC_INIT_ZVAL(tmp_obj); tzobj = zend_object_store_get_object(php_date_instantiate(date_ce_timezone, tmp_obj TSRMLS_CC) TSRMLS_CC); tzobj->type = TIMELIB_ZONETYPE_ID; diff --git a/ext/date/tests/bug66721.phpt b/ext/date/tests/bug66721.phpt new file mode 100644 index 0000000000..4806712437 --- /dev/null +++ b/ext/date/tests/bug66721.phpt @@ -0,0 +1,11 @@ +--TEST-- +Test for bug #66721: __wakeup of DateTime segfaults when invalid object data is supplied +--CREDITS-- +Boro Sitnikovski <buritomath@yahoo.com> +--FILE-- +<?php +$y = 'O:8:"DateTime":3:{s:4:"date";s:19:"2014-02-15 02:00:51";s:13:"timezone_type";i:3;s:8:"timezone";s:10:"1234567890";}'; +var_dump(unserialize($y)); +?> +--EXPECTF-- +Fatal error: Invalid serialization data for DateTime object in %s on line %d |