diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2018-07-02 17:24:35 +0200 | 
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2018-07-02 17:27:43 +0200 | 
| commit | c793885b7624be4e2a95c69a2b8b3fee969b312f (patch) | |
| tree | c12cab49984c6e610e31bcb5a9efc54c6ac8b70c /ext/reflection/php_reflection.c | |
| parent | f8258325b4a6a45d111e429fea64591a5c8273d8 (diff) | |
| download | php-git-c793885b7624be4e2a95c69a2b8b3fee969b312f.tar.gz | |
Fixed bug #74670
Validate that "C" serialization payload is followed by "}" prior to
calling the unserialize() handler. This mitigates issues caused by
unserialize() not correctly handling strings that are not NUL
terminated. Making sure that there is a "}" at the end avoids the
problem.
Diffstat (limited to 'ext/reflection/php_reflection.c')
0 files changed, 0 insertions, 0 deletions
