archived-php-src/ext/standard/basic_functions.h at e8a89c49db303dfdbee4d5e64a0086f22015c1d2

mirror of https://github.com/php/php-src.git synced 2026-04-22 23:48:14 +02:00

Files

T

Nikita Popov 1806ce9cb0 Add max_depth option to unserialize()

Add a max_depth option to unserialize and an unserialize_max_depth
ini setting, which can be used to control the depth limit. The
default value is 4096.

This option is intended to prevent stack overflows during the
unserialization of deeply nested structures.

This fixes bug #78549 and addresses oss-fuzz #17581, #17589, #17664,
and #17788.

2019-09-30 10:28:24 +02:00

7.7 KiB

Raw Blame History

View Raw

7.7 KiB Raw Blame History

7.7 KiB

Raw Blame History