fix bug #63369

(un)serialize() leaves dangling pointers, causes crashes
jbondc · Oct 26, 2012 · f2bffdc · f2bffdc
1 parent 4f4d778
commit f2bffdc
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/NEWS b/NEWS
@@ -4,6 +4,8 @@ PHP                                                                        NEWS
 
 - Core:
   . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence)
+  . Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes).
+    (Tony, Andrew Sitnikov)
 
 - Curl:
   . Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
@@ -3684,6 +3684,11 @@ PHP_MSHUTDOWN_FUNCTION(basic) /* {{{ */
 PHP_RINIT_FUNCTION(basic) /* {{{ */
 {
 	memset(BG(strtok_table), 0, 256);
+
+	BG(serialize_lock) = 0;
+	memset(&BG(serialize), 0, sizeof(BG(serialize)));
+	memset(&BG(unserialize), 0, sizeof(BG(unserialize)));
+
 	BG(strtok_string) = NULL;
 	BG(strtok_zval) = NULL;
 	BG(strtok_last) = NULL;