MFH: Fix #46646 (Implement zend functions to restrict serialization or internal classes)

Zend/zend_closures.c

@@ -22,6 +22,7 @@
 #include "zend.h"
 #include "zend_API.h"
 #include "zend_closures.h"
+#include "zend_interfaces.h"
 #include "zend_objects.h"
 #include "zend_objects_API.h"
 #include "zend_globals.h"
@@ -79,20 +80,6 @@ static zend_function *zend_closure_get_constructor(zval *object TSRMLS_DC) /* {{
 }
 /* }}} */
 
-static int zend_closure_serialize(zval *object, unsigned char **buffer, zend_uint *buf_len, zend_serialize_data *data TSRMLS_DC) /* {{{ */
-{
-	zend_error(E_RECOVERABLE_ERROR, "Serialization of 'Closure' is not allowed");
-	return FAILURE;
-}
-/* }}} */
-
-static int zend_closure_unserialize(zval **object, zend_class_entry *ce, const unsigned char *buf, zend_uint buf_len, zend_unserialize_data *data TSRMLS_DC) /* {{{ */
-{
-	zend_error(E_RECOVERABLE_ERROR, "Unserialization of 'Closure' is not allowed");
-	return FAILURE;
-}
-/* }}} */
-
 static int zend_closure_compare_objects(zval *o1, zval *o2 TSRMLS_DC) /* {{{ */
 {
 	return (Z_OBJ_HANDLE_P(o1) != Z_OBJ_HANDLE_P(o2));
@@ -243,8 +230,8 @@ void zend_register_closure_ce(TSRMLS_D) /* {{{ */
 	zend_ce_closure = zend_register_internal_class(&ce TSRMLS_CC);
 	zend_ce_closure->ce_flags |= ZEND_ACC_FINAL_CLASS;
 	zend_ce_closure->create_object = zend_closure_new;
-	zend_ce_closure->serialize = zend_closure_serialize;
+	zend_ce_closure->serialize = zend_class_serialize_deny;
-	zend_ce_closure->unserialize = zend_closure_unserialize;
+	zend_ce_closure->unserialize = zend_class_unserialize_deny;
 
 	memcpy(&closure_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
 	closure_handlers.get_constructor = zend_closure_get_constructor;

Zend/zend_interfaces.c

@@ -463,6 +463,21 @@ ZEND_API int zend_user_unserialize(zval **object, zend_class_entry *ce, const un
 }
 /* }}} */
 
+ZEND_API int zend_class_serialize_deny(zval *object, unsigned char **buffer, zend_uint *buf_len, zend_serialize_data *data TSRMLS_DC) /* {{{ */
+{
+	zend_class_entry *ce = Z_OBJCE_P(object);
+	zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Serialization of '%s' is not allowed", ce->name);
+	return FAILURE;
+}
+/* }}} */
+
+ZEND_API int zend_class_unserialize_deny(zval **object, zend_class_entry *ce, const unsigned char *buf, zend_uint buf_len, zend_unserialize_data *data TSRMLS_DC) /* {{{ */
+{
+	zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Unserialization of '%s' is not allowed", ce->name);
+	return FAILURE;
+}
+/* }}} */
+
 /* {{{ zend_implement_serializable */
 static int zend_implement_serializable(zend_class_entry *interface, zend_class_entry *class_type TSRMLS_DC)
 {

Zend/zend_interfaces.h

@@ -64,6 +64,9 @@ ZEND_API void zend_register_interfaces(TSRMLS_D);
 ZEND_API int zend_user_serialize(zval *object, unsigned char **buffer, zend_uint *buf_len, zend_serialize_data *data TSRMLS_DC);
 ZEND_API int zend_user_unserialize(zval **object, zend_class_entry *ce, const unsigned char *buf, zend_uint buf_len, zend_unserialize_data *data TSRMLS_DC);
 
+ZEND_API int zend_class_serialize_deny(zval *object, unsigned char **buffer, zend_uint *buf_len, zend_serialize_data *data TSRMLS_DC);
+ZEND_API int zend_class_unserialize_deny(zval **object, zend_class_entry *ce, const unsigned char *buf, zend_uint buf_len, zend_unserialize_data *data TSRMLS_DC);
+
 END_EXTERN_C()
 
 #endif /* ZEND_INTERFACES_H */

ext/spl/spl_directory.c

@@ -2610,6 +2610,8 @@ PHP_MINIT_FUNCTION(spl_directory)
 	spl_filesystem_object_handlers.clone_obj       = spl_filesystem_object_clone;
 	spl_filesystem_object_handlers.cast_object     = spl_filesystem_object_cast;
 	spl_filesystem_object_handlers.get_debug_info  = spl_filesystem_object_get_debug_info;
+	spl_ce_SplFileInfo->serialize = zend_class_serialize_deny;
+	spl_ce_SplFileInfo->unserialize = zend_class_unserialize_deny;
 
 	REGISTER_SPL_SUB_CLASS_EX(DirectoryIterator, SplFileInfo, spl_filesystem_object_new, spl_DirectoryIterator_functions);
 	zend_class_implements(spl_ce_DirectoryIterator TSRMLS_CC, 1, zend_ce_iterator);