Skip to content

Commit f2bffdc

Browse files
tony2001tony2001
committed
fix bug #63369
(un)serialize() leaves dangling pointers, causes crashes
1 parent 4f4d778 commit f2bffdc

File tree

2 files changed

+7
-0
lines changed

2 files changed

+7
-0
lines changed

NEWS

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@ PHP NEWS
44

55
- Core:
66
. Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence)
7+
. Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes).
8+
(Tony, Andrew Sitnikov)
79

810
- Curl:
911
. Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).

ext/standard/basic_functions.c

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3684,6 +3684,11 @@ PHP_MSHUTDOWN_FUNCTION(basic) /* {{{ */
36843684
PHP_RINIT_FUNCTION(basic) /* {{{ */
36853685
{
36863686
memset(BG(strtok_table), 0, 256);
3687+
3688+
BG(serialize_lock) = 0;
3689+
memset(&BG(serialize), 0, sizeof(BG(serialize)));
3690+
memset(&BG(unserialize), 0, sizeof(BG(unserialize)));
3691+
36873692
BG(strtok_string) = NULL;
36883693
BG(strtok_zval) = NULL;
36893694
BG(strtok_last) = NULL;

0 commit comments

Comments
 (0)