patches/MOPB/MOPB-04-php4.diff

--- var_unserializer.c  2006/08/09 23:29:17     1.18.4.24.2.7
+++ var_unserializer.c  2006/10/27 08:35:25     1.18.4.24.2.8
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: var_unserializer.c,v 1.18.4.24.2.7 2006/08/09 23:29:17 nlopess Exp $ */
+/* $Id: var_unserializer.c,v 1.18.4.24.2.8 2006/10/27 08:35:25 sesser Exp $ */
 
 #include "php.h"
 #include "ext/standard/php_var.h"
@@ -958,6 +958,10 @@
        
        if (*rval == *rval_ref) return 0;
 
+       if ((*rval_ref)->refcount > 65500) {
+               return 0;
+       }
+
        if (*rval != NULL) {
        zval_ptr_dtor(rval);
        }
@@ -999,6 +1003,10 @@
 
        id = parse_iv(start + 2) - 1;
        if (id == -1 || var_access(var_hash, id, &rval_ref) != SUCCESS) {
+               return 0;
+       }
+
+       if ((*rval_ref)->refcount > 65500) {
                return 0;
        }
 
1	--- var_unserializer.c 2006/08/09 23:29:17 1.18.4.24.2.7
2	+++ var_unserializer.c 2006/10/27 08:35:25 1.18.4.24.2.8
3	@@ -18,7 +18,7 @@
4	+----------------------------------------------------------------------+
5	*/
6
7	-/* $Id: var_unserializer.c,v 1.18.4.24.2.7 2006/08/09 23:29:17 nlopess Exp $ */
8	+/* $Id: var_unserializer.c,v 1.18.4.24.2.8 2006/10/27 08:35:25 sesser Exp $ */
9
10	#include "php.h"
11	#include "ext/standard/php_var.h"
12	@@ -958,6 +958,10 @@
13
14	if (rval == rval_ref) return 0;
15
16	+ if ((*rval_ref)->refcount > 65500) {
17	+ return 0;
18	+ }
19	+
20	if (*rval != NULL) {
21	zval_ptr_dtor(rval);
22	}
23	@@ -999,6 +1003,10 @@
24
25	id = parse_iv(start + 2) - 1;
26	if (id == -1 \|\| var_access(var_hash, id, &rval_ref) != SUCCESS) {
27	+ return 0;
28	+ }
29	+
30	+ if ((*rval_ref)->refcount > 65500) {
31	return 0;
32	}
33