From cf25b8a24819a7e8b4e48653f5f57026414dde4a Mon Sep 17 00:00:00 2001 
From: Colin Mollenhour Date: Mon, 21 Dec 2020 03:57:43 -0500 Subject: [PATCH] Disable class unserialization where it is not needed. (#1251) * Disable class unserialization where it is not needed. * Revert accidentally committed changes to var/.gitignore * Re-throw unserialize errors as Exception. --- app/code/core/Mage/Admin/Model/Resource/Acl.php | 2 +- .../Block/Sales/Order/Shipment/Packaging.php | 2 +- .../Mage/Adminhtml/Model/Sales/Order/Create.php | 4 ++-- app/code/core/Mage/Api/Model/Resource/Acl.php | 2 +- .../Block/Adminhtml/Sales/Order/Items/Renderer.php | 2 +- .../Adminhtml/Sales/Order/View/Items/Renderer.php | 2 +- .../Bundle/Block/Sales/Order/Items/Renderer.php | 2 +- .../Helper/Catalog/Product/Configuration.php | 6 +++--- app/code/core/Mage/Bundle/Model/Product/Price.php | 2 +- app/code/core/Mage/Bundle/Model/Product/Type.php | 14 +++++++------- .../Model/Sales/Order/Pdf/Items/Abstract.php | 2 +- .../Mage/Catalog/Helper/Product/Configuration.php | 2 +- .../Attribute/Source/Countryofmanufacture.php | 2 +- .../Mage/Catalog/Model/Product/Type/Abstract.php | 2 +- .../Catalog/Model/Product/Type/Configurable.php | 4 ++-- .../Model/Product/Type/Configurable/Price.php | 2 +- .../Catalog/Model/Resource/Product/Collection.php | 2 +- .../CatalogIndex/Model/Resource/Aggregation.php | 2 +- .../core/Mage/Checkout/Block/Onepage/Abstract.php | 2 +- .../core/Mage/Core/Helper/UnserializeArray.php | 11 +++++++++-- app/code/core/Mage/Core/Model/Cache.php | 4 ++-- app/code/core/Mage/Core/Model/Flag.php | 2 +- .../core/Mage/Core/Model/Resource/Abstract.php | 2 +- .../core/Mage/Core/Model/Resource/Email/Queue.php | 2 +- app/code/core/Mage/Core/Model/Store.php | 2 +- app/code/core/Mage/Core/Model/Translate.php | 2 +- app/code/core/Mage/Dataflow/Model/Batch.php | 2 +- .../core/Mage/Dataflow/Model/Batch/Abstract.php | 2 +- .../Dataflow/Model/Convert/Parser/Serialize.php | 2 +- app/code/core/Mage/Directory/Block/Data.php | 4 ++-- .../core/Mage/Downloadable/Model/Product/Type.php 
| 2 +- app/code/core/Mage/Eav/Model/Config.php | 2 +- app/code/core/Mage/Index/Model/Event.php | 4 ++-- .../mysql4-data-upgrade-0.7.0-0.7.1.php | 7 ++++--- .../core/Mage/Payment/Model/Recurring/Profile.php | 2 +- app/code/core/Mage/Sales/Model/Config/Ordered.php | 2 +- app/code/core/Mage/Sales/Model/Order/Item.php | 6 +++--- app/code/core/Mage/Sales/Model/Service/Order.php | 2 +- .../Mage/Sales/controllers/DownloadController.php | 2 +- app/code/core/Mage/Weee/Helper/Data.php | 2 +- .../core/Mage/Widget/Model/Resource/Widget.php | 2 +- app/code/core/Mage/Wishlist/Model/Item.php | 2 +- app/code/core/Mage/Wishlist/Model/Wishlist.php | 2 +- .../Mage/Wishlist/controllers/IndexController.php | 2 +- errors/processor.php | 2 +- lib/Mage/Cache/Backend/File.php | 2 +- lib/Varien/Db/Adapter/Pdo/Mysql.php | 2 +- 47 files changed, 73 insertions(+), 65 deletions(-) diff --git a/app/code/core/Mage/Admin/Model/Resource/Acl.php b/app/code/core/Mage/Admin/Model/Resource/Acl.php index e56668475c8..14f8290d5c4 100644 --- a/app/code/core/Mage/Admin/Model/Resource/Acl.php +++ b/app/code/core/Mage/Admin/Model/Resource/Acl.php @@ -133,7 +133,7 @@ public function loadRules(Mage_Admin_Model_Acl $acl, array $rulesArr) $assert = null; if (0 != $rule['assert_id']) { $assertClass = Mage::getSingleton('admin/config')->getAclAssert($rule['assert_type'])->getClassName(); - $assert = new $assertClass(unserialize($rule['assert_data'])); + $assert = new $assertClass(unserialize($rule['assert_data'], ['allowed_classes' => false])); } try { if ($rule['permission'] == 'allow') { diff --git a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/Packaging.php b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/Packaging.php index e3c7345e39b..7139f747565 100644 --- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/Packaging.php +++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/Packaging.php 
@@ -201,7 +201,7 @@ public function getPackages() { $packages = $this->getShipment()->getPackages(); if ($packages) { - $packages = unserialize($packages); + $packages = unserialize($packages, ['allowed_classes' => false]); } else { $packages = array(); } diff --git a/app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php b/app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php index b7c00fb0898..74d0b595eba 100644 --- a/app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php +++ b/app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php @@ -580,7 +580,7 @@ public function moveQuoteItem($item, $moveTo, $qty) $info = $item->getOptionByCode('info_buyRequest'); if ($info) { $info = new Varien_Object( - unserialize($info->getValue()) + unserialize($info->getValue(), ['allowed_classes' => false]) ); $info->setQty($qty); $info->setOptions($this->_prepareOptionsForRequest($item)); @@ -1511,7 +1511,7 @@ protected function _prepareQuoteItems() } $addOptions = $item->getOptionByCode('additional_options'); if ($addOptions) { - $options['additional_options'] = unserialize($addOptions->getValue()); + $options['additional_options'] = unserialize($addOptions->getValue(), ['allowed_classes' => false]); } $item->setProductOrderOptions($options); } diff --git a/app/code/core/Mage/Api/Model/Resource/Acl.php b/app/code/core/Mage/Api/Model/Resource/Acl.php index 82533761f8a..13fe43a074f 100644 --- a/app/code/core/Mage/Api/Model/Resource/Acl.php +++ b/app/code/core/Mage/Api/Model/Resource/Acl.php @@ -123,7 +123,7 @@ public function loadRules(Mage_Api_Model_Acl $acl, array $rulesArr) $assert = null; if (0!=$rule['assert_id']) { $assertClass = Mage::getSingleton('api/config')->getAclAssert($rule['assert_type'])->getClassName(); - $assert = new $assertClass(unserialize($rule['assert_data'])); + $assert = new $assertClass(unserialize($rule['assert_data'], ['allowed_classes' => false])); } try { if ($rule['api_permission'] == 'allow') { 
diff --git a/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/Items/Renderer.php b/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/Items/Renderer.php index bee8a375c04..474ffe84b34 100644 --- a/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/Items/Renderer.php +++ b/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/Items/Renderer.php @@ -167,7 +167,7 @@ public function getSelectionAttributes($item) $options = $item->getOrderItem()->getProductOptions(); } if (isset($options['bundle_selection_attributes'])) { - return unserialize($options['bundle_selection_attributes']); + return unserialize($options['bundle_selection_attributes'], ['allowed_classes' => false]); } return null; } diff --git a/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/View/Items/Renderer.php b/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/View/Items/Renderer.php index 2f18af6593e..b87f5677ec0 100644 --- a/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/View/Items/Renderer.php +++ b/app/code/core/Mage/Bundle/Block/Adminhtml/Sales/Order/View/Items/Renderer.php @@ -126,7 +126,7 @@ public function getSelectionAttributes($item) $options = $item->getOrderItem()->getProductOptions(); } if (isset($options['bundle_selection_attributes'])) { - return unserialize($options['bundle_selection_attributes']); + return unserialize($options['bundle_selection_attributes'], ['allowed_classes' => false]); } return null; } diff --git a/app/code/core/Mage/Bundle/Block/Sales/Order/Items/Renderer.php b/app/code/core/Mage/Bundle/Block/Sales/Order/Items/Renderer.php index c906aeb35a4..790d1ea0152 100644 --- a/app/code/core/Mage/Bundle/Block/Sales/Order/Items/Renderer.php +++ b/app/code/core/Mage/Bundle/Block/Sales/Order/Items/Renderer.php 
@@ -131,7 +131,7 @@ public function getSelectionAttributes($item) $options = $item->getOrderItem()->getProductOptions(); } if (isset($options['bundle_selection_attributes'])) { - return unserialize($options['bundle_selection_attributes']); + return unserialize($options['bundle_selection_attributes'], ['allowed_classes' => false]); } return null; } diff --git a/app/code/core/Mage/Bundle/Helper/Catalog/Product/Configuration.php b/app/code/core/Mage/Bundle/Helper/Catalog/Product/Configuration.php index 1d6cf343de1..0c1a60780f7 100644 --- a/app/code/core/Mage/Bundle/Helper/Catalog/Product/Configuration.php +++ b/app/code/core/Mage/Bundle/Helper/Catalog/Product/Configuration.php @@ -91,7 +91,7 @@ public function getBundleOptions(Mage_Catalog_Model_Product_Configuration_Item_I // get bundle options $optionsQuoteItemOption = $item->getOptionByCode('bundle_option_ids'); - $bundleOptionsIds = $optionsQuoteItemOption ? unserialize($optionsQuoteItemOption->getValue()) : array(); + $bundleOptionsIds = $optionsQuoteItemOption ? unserialize($optionsQuoteItemOption->getValue(), ['allowed_classes' => false]) : array(); if ($bundleOptionsIds) { /** * @var Mage_Bundle_Model_Resource_Option_Collection @@ -101,11 +101,11 @@ public function getBundleOptions(Mage_Catalog_Model_Product_Configuration_Item_I // get and add bundle selections collection $selectionsQuoteItemOption = $item->getOptionByCode('bundle_selection_ids'); - $bundleSelectionIds = unserialize($selectionsQuoteItemOption->getValue()); + $bundleSelectionIds = unserialize($selectionsQuoteItemOption->getValue(), ['allowed_classes' => false]); if (!empty($bundleSelectionIds)) { $selectionsCollection = $typeInstance->getSelectionsByIds( - unserialize($selectionsQuoteItemOption->getValue()), + unserialize($selectionsQuoteItemOption->getValue(), ['allowed_classes' => false]), $product ); 
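Review bot: In the `@@ -101,11 +101,11` hunk of Mage/Bundle/Helper/Catalog/Product/Configuration.php the second added line re-parses `$selectionsQuoteItemOption->getValue()` although `$bundleSelectionIds` two lines above already holds exactly that result, so the same stored string is unserialized twice on every call. Pass the existing value instead: `$selectionsCollection = $typeInstance->getSelectionsByIds(` / `$bundleSelectionIds,` / `$product`. The value is only known to be non-empty from the `!empty()` check, not to be an array, so a stray `is_array()` guard before `getSelectionsByIds` would not hurt either. getBundleOptions continues outside the hunk.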
diff --git a/app/code/core/Mage/Bundle/Model/Product/Price.php b/app/code/core/Mage/Bundle/Model/Product/Price.php index 504a6ae72a6..572585e920b 100644 --- a/app/code/core/Mage/Bundle/Model/Product/Price.php +++ b/app/code/core/Mage/Bundle/Model/Product/Price.php @@ -88,7 +88,7 @@ public function getTotalBundleItemsPrice($product, $qty = null) if ($product->hasCustomOptions()) { $customOption = $product->getCustomOption('bundle_selection_ids'); if ($customOption) { - $selectionIds = unserialize($customOption->getValue()); + $selectionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); /** @var Mage_Bundle_Model_Resource_Selection_Collection $selections */ $selections = $product->getTypeInstance(true)->getSelectionsByIds($selectionIds, $product); $selections->addTierPriceData(); diff --git a/app/code/core/Mage/Bundle/Model/Product/Type.php b/app/code/core/Mage/Bundle/Model/Product/Type.php index d7c9588e386..0aba1f4be83 100644 --- a/app/code/core/Mage/Bundle/Model/Product/Type.php +++ b/app/code/core/Mage/Bundle/Model/Product/Type.php @@ -148,7 +148,7 @@ public function getSku($product = null) if ($this->getProduct($product)->hasCustomOptions()) { $customOption = $this->getProduct($product)->getCustomOption('bundle_selection_ids'); - $selectionIds = unserialize($customOption->getValue()); + $selectionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); if (!empty($selectionIds)) { $selections = $this->getSelectionsByIds($selectionIds, $product); foreach ($selections->getItems() as $selection) { 
@@ -176,7 +176,7 @@ public function getWeight($product = null) if ($this->getProduct($product)->hasCustomOptions()) { $customOption = $this->getProduct($product)->getCustomOption('bundle_selection_ids'); - $selectionIds = unserialize($customOption->getValue()); + $selectionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); $selections = $this->getSelectionsByIds($selectionIds, $product); foreach ($selections->getItems() as $selection) { $qtyOption = $this->getProduct($product) @@ -202,7 +202,7 @@ public function isVirtual($product = null) { if ($this->getProduct($product)->hasCustomOptions()) { $customOption = $this->getProduct($product)->getCustomOption('bundle_selection_ids'); - $selectionIds = unserialize($customOption->getValue()); + $selectionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); $selections = $this->getSelectionsByIds($selectionIds, $product); $virtualCount = 0; foreach ($selections->getItems() as $selection) { @@ -788,10 +788,10 @@ public function getOrderOptions($product = null) if ($product->hasCustomOptions()) { $customOption = $product->getCustomOption('bundle_option_ids'); - $optionIds = unserialize($customOption->getValue()); + $optionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); $options = $this->getOptionsByIds($optionIds, $product); $customOption = $product->getCustomOption('bundle_selection_ids'); - $selectionIds = unserialize($customOption->getValue()); + $selectionIds = unserialize($customOption->getValue(), ['allowed_classes' => false]); $selections = $this->getSelectionsByIds($selectionIds, $product); foreach ($selections->getItems() as $selection) { if ($selection->isSalable()) { 
@@ -934,9 +934,9 @@ public function checkProductBuyState($product = null) $productOptionIds = $this->getOptionsIds($product); $productSelections = $this->getSelectionsCollection($productOptionIds, $product); $selectionIds = $product->getCustomOption('bundle_selection_ids'); - $selectionIds = (array) unserialize($selectionIds->getValue()); + $selectionIds = (array) unserialize($selectionIds->getValue(), ['allowed_classes' => false]); $buyRequest = $product->getCustomOption('info_buyRequest'); - $buyRequest = new Varien_Object(unserialize($buyRequest->getValue())); + $buyRequest = new Varien_Object(unserialize($buyRequest->getValue(), ['allowed_classes' => false])); $bundleOption = $buyRequest->getBundleOption(); if (empty($bundleOption) && empty($selectionIds)) { diff --git a/app/code/core/Mage/Bundle/Model/Sales/Order/Pdf/Items/Abstract.php b/app/code/core/Mage/Bundle/Model/Sales/Order/Pdf/Items/Abstract.php index 8c8e931cb20..d4064381d12 100644 --- a/app/code/core/Mage/Bundle/Model/Sales/Order/Pdf/Items/Abstract.php +++ b/app/code/core/Mage/Bundle/Model/Sales/Order/Pdf/Items/Abstract.php @@ -196,7 +196,7 @@ public function getSelectionAttributes($item) $options = $item->getOrderItem()->getProductOptions(); } if (isset($options['bundle_selection_attributes'])) { - return unserialize($options['bundle_selection_attributes']); + return unserialize($options['bundle_selection_attributes'], ['allowed_classes' => false]); } return null; } diff --git a/app/code/core/Mage/Catalog/Helper/Product/Configuration.php b/app/code/core/Mage/Catalog/Helper/Product/Configuration.php index ad8de4e28b5..b86b0513a8a 100644 --- a/app/code/core/Mage/Catalog/Helper/Product/Configuration.php +++ b/app/code/core/Mage/Catalog/Helper/Product/Configuration.php 
@@ -85,7 +85,7 @@ public function getCustomOptions(Mage_Catalog_Model_Product_Configuration_Item_I $addOptions = $item->getOptionByCode('additional_options'); if ($addOptions) { - $options = array_merge($options, unserialize($addOptions->getValue())); + $options = array_merge($options, unserialize($addOptions->getValue(), ['allowed_classes' => false])); } return $options; diff --git a/app/code/core/Mage/Catalog/Model/Product/Attribute/Source/Countryofmanufacture.php b/app/code/core/Mage/Catalog/Model/Product/Attribute/Source/Countryofmanufacture.php index 9e5ee464620..e5c7c472dee 100644 --- a/app/code/core/Mage/Catalog/Model/Product/Attribute/Source/Countryofmanufacture.php +++ b/app/code/core/Mage/Catalog/Model/Product/Attribute/Source/Countryofmanufacture.php @@ -42,7 +42,7 @@ public function getAllOptions() { $cacheKey = 'DIRECTORY_COUNTRY_SELECT_STORE_' . Mage::app()->getStore()->getCode(); if (Mage::app()->useCache('config') && $cache = Mage::app()->loadCache($cacheKey)) { - $options = unserialize($cache); + $options = unserialize($cache, ['allowed_classes' => false]); } else { $collection = Mage::getModel('directory/country')->getResourceCollection(); if (!Mage::app()->getStore()->isAdmin()) { diff --git a/app/code/core/Mage/Catalog/Model/Product/Type/Abstract.php b/app/code/core/Mage/Catalog/Model/Product/Type/Abstract.php index a684685b4e1..e9d524aa202 100644 --- a/app/code/core/Mage/Catalog/Model/Product/Type/Abstract.php +++ b/app/code/core/Mage/Catalog/Model/Product/Type/Abstract.php @@ -602,7 +602,7 @@ public function getOrderOptions($product = null) { $optionArr = array(); if ($info = $this->getProduct($product)->getCustomOption('info_buyRequest')) { - $optionArr['info_buyRequest'] = unserialize($info->getValue()); + $optionArr['info_buyRequest'] = unserialize($info->getValue(), ['allowed_classes' => false]); } if ($optionIds = $this->getProduct($product)->getCustomOption('option_ids')) { 
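Review bot: The new line in the Mage/Catalog/Helper/Product/Configuration.php hunk still hands the raw `unserialize()` result straight to `array_merge`; on corrupt or legacy `additional_options` data that result is `false`, which `array_merge` rejects (a TypeError on PHP 8, a warning with a null result on 7). Assign the result first and only merge when it is an array: `$additional = unserialize($addOptions->getValue(), ['allowed_classes' => false]);` / `if (is_array($additional)) { $options = array_merge($options, $additional); }`. getCustomOptions starts outside the hunk.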
diff --git a/app/code/core/Mage/Catalog/Model/Product/Type/Configurable.php b/app/code/core/Mage/Catalog/Model/Product/Type/Configurable.php index e947e6b399b..d555738377e 100644 --- a/app/code/core/Mage/Catalog/Model/Product/Type/Configurable.php +++ b/app/code/core/Mage/Catalog/Model/Product/Type/Configurable.php @@ -548,7 +548,7 @@ public function getSelectedAttributesInfo($product = null) $attributes = array(); Varien_Profiler::start('CONFIGURABLE:'.__METHOD__); if ($attributesOption = $this->getProduct($product)->getCustomOption('attributes')) { - $data = unserialize($attributesOption->getValue()); + $data = unserialize($attributesOption->getValue(), ['allowed_classes' => false]); $this->getUsedProductAttributeIds($product); $usedAttributes = $this->getProduct($product)->getData($this->_usedAttributes); @@ -681,7 +681,7 @@ public function checkProductBuyState($product = null) $product = $this->getProduct($product); $option = $product->getCustomOption('info_buyRequest'); if ($option instanceof Mage_Sales_Model_Quote_Item_Option) { - $buyRequest = new Varien_Object(unserialize($option->getValue())); + $buyRequest = new Varien_Object(unserialize($option->getValue(), ['allowed_classes' => false])); $attributes = $buyRequest->getSuperAttribute(); if (is_array($attributes)) { foreach ($attributes as $key => $val) { diff --git a/app/code/core/Mage/Catalog/Model/Product/Type/Configurable/Price.php b/app/code/core/Mage/Catalog/Model/Product/Type/Configurable/Price.php index 97ec1593502..2a785f6d49c 100644 --- a/app/code/core/Mage/Catalog/Model/Product/Type/Configurable/Price.php +++ b/app/code/core/Mage/Catalog/Model/Product/Type/Configurable/Price.php 
@@ -78,7 +78,7 @@ public function getTotalConfigurableItemsPrice($product, $finalPrice) $selectedAttributes = array(); if ($product->getCustomOption('attributes')) { - $selectedAttributes = unserialize($product->getCustomOption('attributes')->getValue()); + $selectedAttributes = unserialize($product->getCustomOption('attributes')->getValue(), ['allowed_classes' => false]); } /** @var Mage_Catalog_Model_Product_Type_Configurable_Attribute $attribute */ diff --git a/app/code/core/Mage/Catalog/Model/Resource/Product/Collection.php b/app/code/core/Mage/Catalog/Model/Resource/Product/Collection.php index 02ccd87167b..dc813be038b 100644 --- a/app/code/core/Mage/Catalog/Model/Resource/Product/Collection.php +++ b/app/code/core/Mage/Catalog/Model/Resource/Product/Collection.php @@ -1161,7 +1161,7 @@ protected function _addUrlRewrite() if (!($urlRewrites = Mage::app()->loadCache($this->_cacheConf['prefix'] . 'urlrewrite'))) { $urlRewrites = null; } else { - $urlRewrites = unserialize($urlRewrites); + $urlRewrites = unserialize($urlRewrites, ['allowed_classes' => false]); } } diff --git a/app/code/core/Mage/CatalogIndex/Model/Resource/Aggregation.php b/app/code/core/Mage/CatalogIndex/Model/Resource/Aggregation.php index 2c41c354dfe..2cd6715b29e 100644 --- a/app/code/core/Mage/CatalogIndex/Model/Resource/Aggregation.php +++ b/app/code/core/Mage/CatalogIndex/Model/Resource/Aggregation.php @@ -74,7 +74,7 @@ public function getCacheData($key, $storeId) ->where('a.key=?', $key); $data = $this->_getReadAdapter()->fetchOne($select); if ($data) { - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); } else { $data = array(); } diff --git a/app/code/core/Mage/Checkout/Block/Onepage/Abstract.php b/app/code/core/Mage/Checkout/Block/Onepage/Abstract.php index c99d69702cf..41233274dcc 100644 --- a/app/code/core/Mage/Checkout/Block/Onepage/Abstract.php +++ b/app/code/core/Mage/Checkout/Block/Onepage/Abstract.php 
@@ -218,7 +218,7 @@ public function getCountryOptions()
 $cacheId = 'DIRECTORY_COUNTRY_SELECT_STORE_' . Mage::app()->getStore()->getCode();
 $cacheTags = array('config');
 if ($optionsCache = Mage::app()->loadCache($cacheId)) {
- $options = unserialize($optionsCache);
+ $options = unserialize($optionsCache, ['allowed_classes' => false]);
 }
 }
diff --git a/app/code/core/Mage/Core/Helper/UnserializeArray.php b/app/code/core/Mage/Core/Helper/UnserializeArray.php
index fb567768c27..5a642a74ea4 100644
--- a/app/code/core/Mage/Core/Helper/UnserializeArray.php
+++ b/app/code/core/Mage/Core/Helper/UnserializeArray.php
@@ -40,7 +40,14 @@ class Mage_Core_Helper_UnserializeArray
 */
 public function unserialize($str)
 {
- $parser = new Unserialize_Parser();
- return $parser->unserialize($str);
+ try {
+ $result = unserialize($str, ['allowed_classes' => false]);
+ if ($result === false && $str !== serialize(false)) {
+ throw new Exception('Error unserializing data.');
+ }
+ return $result;
+ } catch (Error $e) {
+ throw new Exception('Error unserializing data: '.$e->getMessage(), 0, $e);
+ }
 }
 }
diff --git a/app/code/core/Mage/Core/Model/Cache.php b/app/code/core/Mage/Core/Model/Cache.php
index 6a28a759186..831dfa4e764 100644
--- a/app/code/core/Mage/Core/Model/Cache.php
+++ b/app/code/core/Mage/Core/Model/Cache.php
@@ -500,7 +500,7 @@ protected function _initOptions()
 $this->_allowedCacheOptions = array();
 }
 } else {
- $this->_allowedCacheOptions = unserialize($options);
+ $this->_allowedCacheOptions = unserialize($options, ['allowed_classes' => false]);
 }
 if (Mage::getConfig()->getOptions()->getData('global_ban_use_cache')) {
@@ -611,7 +611,7 @@ protected function _getInvalidatedTypes()
 {
 $types = $this->load(self::INVALIDATED_TYPES);
 if ($types) {
- $types = unserialize($types);
+ $types = unserialize($types, ['allowed_classes' => false]);
 } else {
 $types = array();
 }
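Review bot: The new body of Mage_Core_Helper_UnserializeArray::unserialize still lets object payloads through: with `allowed_classes => false` a serialized object is returned as a `__PHP_Incomplete_Class` instance rather than rejected, so the `$result === false` check never fires for it, and if the replaced `Unserialize_Parser` refused non-array input (as the helper's name suggests) this is a silent behaviour change for callers that relied on that. Add an explicit rejection after the `false` check, e.g. `if ($result instanceof __PHP_Incomplete_Class) { throw new Exception('Error unserializing data.'); }`, noting that objects nested inside an array would still need a recursive walk if that matters to callers. The method docblock (only its closing `*/` is in the hunk) should also state that the method now throws a plain `Exception` both on malformed input and, via the `catch (Error $e)` wrapper, on engine errors, since the exception type callers can catch has changed with this commit.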
diff --git a/app/code/core/Mage/Core/Model/Flag.php b/app/code/core/Mage/Core/Model/Flag.php
index 716e0144702..3dd209b452b 100644
--- a/app/code/core/Mage/Core/Model/Flag.php
+++ b/app/code/core/Mage/Core/Model/Flag.php
@@ -87,7 +87,7 @@ protected function _beforeSave()
 public function getFlagData()
 {
 if ($this->hasFlagData()) {
- return unserialize($this->getData('flag_data'));
+ return unserialize($this->getData('flag_data'), ['allowed_classes' => false]);
 } else {
 return null;
 }
diff --git a/app/code/core/Mage/Core/Model/Resource/Abstract.php b/app/code/core/Mage/Core/Model/Resource/Abstract.php
index c87a7028172..5dddab013bb 100644
--- a/app/code/core/Mage/Core/Model/Resource/Abstract.php
+++ b/app/code/core/Mage/Core/Model/Resource/Abstract.php
@@ -197,7 +197,7 @@ protected function _unserializeField(Varien_Object $object, $field, $defaultValu
 if (empty($value)) {
 $object->setData($field, $defaultValue);
 } elseif (!is_array($value) && !is_object($value)) {
- $object->setData($field, unserialize($value));
+ $object->setData($field, unserialize($value, ['allowed_classes' => ['Varien_Object']]));
 }
 }
diff --git a/app/code/core/Mage/Core/Model/Resource/Email/Queue.php b/app/code/core/Mage/Core/Model/Resource/Email/Queue.php
index 5636fdbc97a..e6f7fc2a603 100644
--- a/app/code/core/Mage/Core/Model/Resource/Email/Queue.php
+++ b/app/code/core/Mage/Core/Model/Resource/Email/Queue.php
@@ -43,7 +43,7 @@ protected function _construct()
 protected function _afterLoad(Mage_Core_Model_Abstract $object)
 {
 $object->setRecipients($this->getRecipients($object->getId()));
- $object->setMessageParameters(unserialize($object->getMessageParameters()));
+ $object->setMessageParameters(unserialize($object->getMessageParameters(), ['allowed_classes' => false]));
 return $this;
 }
diff --git a/app/code/core/Mage/Core/Model/Store.php b/app/code/core/Mage/Core/Model/Store.php
index c58e23d0098..03686194ae2 100644
--- a/app/code/core/Mage/Core/Model/Store.php
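Review bot: In the Mage/Core/Model/Resource/Abstract.php hunk, `['allowed_classes' => ['Varien_Object']]` is the one site in this patch that keeps object instantiation enabled, and nothing on the line says why; since `allowed_classes` matches class names exactly, a serialized subclass of Varien_Object stored in such a field (if any caller does that) would now come back as `__PHP_Incomplete_Class` instead of an object, which is easy to misread as data corruption later. Add a why-comment above the call, e.g. `// Varien_Object is the only class some serialized model fields legitimately contain; subclasses are not matched by allowed_classes and come back as __PHP_Incomplete_Class`. `_unserializeField`'s signature is truncated in the hunk header and its body begins outside the hunk, so the field(s) this exception exists for cannot be confirmed from here.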
+++ b/app/code/core/Mage/Core/Model/Store.php @@ -415,7 +415,7 @@ public function initConfigCache() $cacheId = 'store_' . $code . '_config_cache'; $data = Mage::app()->loadCache($cacheId); if ($data) { - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); } else { $data = array(); foreach ($this->_configCacheBaseNodes as $node) { diff --git a/app/code/core/Mage/Core/Model/Translate.php b/app/code/core/Mage/Core/Model/Translate.php index b3a5927044a..bbf0183a77f 100644 --- a/app/code/core/Mage/Core/Model/Translate.php +++ b/app/code/core/Mage/Core/Model/Translate.php @@ -535,7 +535,7 @@ protected function _loadCache() return false; } $data = Mage::app()->loadCache($this->getCacheId()); - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); return $data; } diff --git a/app/code/core/Mage/Dataflow/Model/Batch.php b/app/code/core/Mage/Dataflow/Model/Batch.php index d6c269b31f0..c1954cbc7e3 100644 --- a/app/code/core/Mage/Dataflow/Model/Batch.php +++ b/app/code/core/Mage/Dataflow/Model/Batch.php @@ -205,7 +205,7 @@ public function setParams($data) public function getParams() { $data = $this->_data['params']; - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); return $data; } } diff --git a/app/code/core/Mage/Dataflow/Model/Batch/Abstract.php b/app/code/core/Mage/Dataflow/Model/Batch/Abstract.php index 507d0c0039c..3df5e66a065 100644 --- a/app/code/core/Mage/Dataflow/Model/Batch/Abstract.php +++ b/app/code/core/Mage/Dataflow/Model/Batch/Abstract.php @@ -63,7 +63,7 @@ public function setBatchData($data) public function getBatchData() { $data = $this->_data['batch_data']; - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); return $data; } diff --git a/app/code/core/Mage/Dataflow/Model/Convert/Parser/Serialize.php b/app/code/core/Mage/Dataflow/Model/Convert/Parser/Serialize.php index ea29c4aaa07..97db407911f 100644 
--- a/app/code/core/Mage/Dataflow/Model/Convert/Parser/Serialize.php +++ b/app/code/core/Mage/Dataflow/Model/Convert/Parser/Serialize.php @@ -37,7 +37,7 @@ class Mage_Dataflow_Model_Convert_Parser_Serialize extends Mage_Dataflow_Model_C public function parse() { - $this->setData(unserialize($this->getData())); + $this->setData(unserialize($this->getData(), ['allowed_classes' => false])); return $this; } diff --git a/app/code/core/Mage/Directory/Block/Data.php b/app/code/core/Mage/Directory/Block/Data.php index af85ddcef88..63c9a044d9a 100644 --- a/app/code/core/Mage/Directory/Block/Data.php +++ b/app/code/core/Mage/Directory/Block/Data.php @@ -74,7 +74,7 @@ public function getCountryHtmlSelect($defValue = null, $name = 'country_id', $id } $cacheKey = 'DIRECTORY_COUNTRY_SELECT_STORE_'.Mage::app()->getStore()->getCode(); if (Mage::app()->useCache('config') && $cache = Mage::app()->loadCache($cacheKey)) { - $options = unserialize($cache); + $options = unserialize($cache, ['allowed_classes' => false]); } else { $options = $this->getCountryCollection()->toOptionArray(); if (Mage::app()->useCache('config')) { @@ -119,7 +119,7 @@ public function getRegionHtmlSelect() Varien_Profiler::start('TEST: '.__METHOD__); $cacheKey = 'DIRECTORY_REGION_SELECT_STORE'.Mage::app()->getStore()->getId(); if (Mage::app()->useCache('config') && $cache = Mage::app()->loadCache($cacheKey)) { - $options = unserialize($cache); + $options = unserialize($cache, ['allowed_classes' => false]); } else { $options = $this->getRegionCollection()->toOptionArray(); if (Mage::app()->useCache('config')) { diff --git a/app/code/core/Mage/Downloadable/Model/Product/Type.php b/app/code/core/Mage/Downloadable/Model/Product/Type.php index d8e7e97ff46..49a45f167ac 100644 --- a/app/code/core/Mage/Downloadable/Model/Product/Type.php +++ b/app/code/core/Mage/Downloadable/Model/Product/Type.php 
@@ -339,7 +339,7 @@ public function checkProductBuyState($product = null) $product = $this->getProduct($product); $option = $product->getCustomOption('info_buyRequest'); if ($option instanceof Mage_Sales_Model_Quote_Item_Option) { - $buyRequest = new Varien_Object(unserialize($option->getValue())); + $buyRequest = new Varien_Object(unserialize($option->getValue(), ['allowed_classes' => false])); if (!$buyRequest->hasLinks()) { if (!$product->getLinksPurchasedSeparately()) { $allLinksIds = Mage::getModel('downloadable/link') diff --git a/app/code/core/Mage/Eav/Model/Config.php b/app/code/core/Mage/Eav/Model/Config.php index 413057b5bbb..7b3f9eab63b 100644 --- a/app/code/core/Mage/Eav/Model/Config.php +++ b/app/code/core/Mage/Eav/Model/Config.php @@ -249,7 +249,7 @@ protected function _initEntityTypes() */ if ($this->_isCacheEnabled() && ($cache = Mage::app()->loadCache(self::ENTITIES_CACHE_ID))) { - $this->_entityData = unserialize($cache); + $this->_entityData = unserialize($cache, ['allowed_classes' => false]); foreach ($this->_entityData as $typeCode => $data) { $typeId = $data['entity_type_id']; $this->_addEntityTypeReference($typeId, $typeCode); diff --git a/app/code/core/Mage/Index/Model/Event.php b/app/code/core/Mage/Index/Model/Event.php index 059e7bb99e2..2466b35d108 100644 --- a/app/code/core/Mage/Index/Model/Event.php +++ b/app/code/core/Mage/Index/Model/Event.php @@ -201,7 +201,7 @@ public function mergePreviousData($data) } if (!empty($data['new_data'])) { - $previousNewData = unserialize($data['new_data']); + $previousNewData = unserialize($data['new_data'], ['allowed_classes' => false]); $currentNewData = $this->getNewData(false); $currentNewData = $this->_mergeNewDataRecursive($previousNewData, $currentNewData); $this->setNewData(serialize($currentNewData)); 
@@ -260,7 +260,7 @@ public function getNewData($useNamespace = true) { $data = $this->_getData('new_data'); if (is_string($data)) { - $data = unserialize($data); + $data = unserialize($data, ['allowed_classes' => false]); } elseif (empty($data) || !is_array($data)) { $data = array(); } diff --git a/app/code/core/Mage/Paygate/sql/paygate_setup/mysql4-data-upgrade-0.7.0-0.7.1.php b/app/code/core/Mage/Paygate/sql/paygate_setup/mysql4-data-upgrade-0.7.0-0.7.1.php index 23fc16aa946..903842b8732 100644 --- a/app/code/core/Mage/Paygate/sql/paygate_setup/mysql4-data-upgrade-0.7.0-0.7.1.php +++ b/app/code/core/Mage/Paygate/sql/paygate_setup/mysql4-data-upgrade-0.7.0-0.7.1.php @@ -72,7 +72,7 @@ 'captured_amount' => $payment['base_amount_paid_online'], 'refunded_amount' => $payment['base_amount_refunded_online'] ); - $additionalInformation = unserialize($payment['additional_information']); + $additionalInformation = unserialize($payment['additional_information'], ['allowed_classes' => false]); if (isset ($additionalInformation['authorize_cards'])) { continue; } @@ -120,8 +120,9 @@ foreach ($transactions as $transaction) { $transactionId = $transaction['transaction_id']; - $realTransactionId = array_shift(explode('-', $transaction['txn_id'])); - $additionalInformation = unserialize($transaction['additional_information']); + $parts = explode('-', $transaction['txn_id']); + $realTransactionId = array_shift($parts); + $additionalInformation = unserialize($transaction['additional_information'], ['allowed_classes' => false]); $additionalInformation['real_transaction_id'] = $realTransactionId; $additionalInformation = serialize($additionalInformation); diff --git a/app/code/core/Mage/Payment/Model/Recurring/Profile.php b/app/code/core/Mage/Payment/Model/Recurring/Profile.php index 5da59c5085c..2cfcdb3573d 100644 --- a/app/code/core/Mage/Payment/Model/Recurring/Profile.php +++ b/app/code/core/Mage/Payment/Model/Recurring/Profile.php 
@@ -266,7 +266,7 @@ public function importProduct(Mage_Catalog_Model_Product $product) // collect start datetime from the product options $options = $product->getCustomOption(self::PRODUCT_OPTIONS_KEY); if ($options) { - $options = unserialize($options->getValue()); + $options = unserialize($options->getValue(), ['allowed_classes' => false]); if (is_array($options)) { if (isset($options['start_datetime'])) { $startDatetime = new Zend_Date($options['start_datetime'], Varien_Date::DATETIME_INTERNAL_FORMAT); diff --git a/app/code/core/Mage/Sales/Model/Config/Ordered.php b/app/code/core/Mage/Sales/Model/Config/Ordered.php index 97b67a2d667..a25237d180a 100644 --- a/app/code/core/Mage/Sales/Model/Config/Ordered.php +++ b/app/code/core/Mage/Sales/Model/Config/Ordered.php @@ -131,7 +131,7 @@ protected function _getSortedCollectorCodes() if (Mage::app()->useCache('config')) { $cachedData = Mage::app()->loadCache($this->_collectorsCacheKey); if ($cachedData) { - return unserialize($cachedData); + return unserialize($cachedData, ['allowed_classes' => false]); } } $configArray = $this->_modelsConfig; diff --git a/app/code/core/Mage/Sales/Model/Order/Item.php b/app/code/core/Mage/Sales/Model/Order/Item.php index a08d3a18249..94f58b74a43 100644 --- a/app/code/core/Mage/Sales/Model/Order/Item.php +++ b/app/code/core/Mage/Sales/Model/Order/Item.php @@ -630,7 +630,7 @@ public function setProductOptions(array $options) public function getProductOptions() { if ($options = $this->_getData('product_options')) { - return unserialize($options); + return unserialize($options, ['allowed_classes' => false]); } return array(); } @@ -833,7 +833,7 @@ public function getProduct() */ public function getBaseDiscountAppliedForWeeeTax() { - $weeeTaxAppliedAmounts = unserialize($this->getWeeeTaxApplied()); + $weeeTaxAppliedAmounts = unserialize($this->getWeeeTaxApplied(), ['allowed_classes' => false]); $totalDiscount = 0; if (!is_array($weeeTaxAppliedAmounts)) { return $totalDiscount; 
@@ -856,7 +856,7 @@ public function getBaseDiscountAppliedForWeeeTax()
 */
 public function getDiscountAppliedForWeeeTax()
 {
- $weeeTaxAppliedAmounts = unserialize($this->getWeeeTaxApplied());
+ $weeeTaxAppliedAmounts = unserialize($this->getWeeeTaxApplied(), ['allowed_classes' => false]);
 $totalDiscount = 0;
 if (!is_array($weeeTaxAppliedAmounts)) {
 return $totalDiscount;
diff --git a/app/code/core/Mage/Sales/Model/Service/Order.php b/app/code/core/Mage/Sales/Model/Service/Order.php
index ca0bbc1b12d..4389b95d837 100644
--- a/app/code/core/Mage/Sales/Model/Service/Order.php
+++ b/app/code/core/Mage/Sales/Model/Service/Order.php
@@ -171,7 +171,7 @@ public function prepareShipment($qtys = array())
 if (isset($qtys[$orderItem->getParentItemId()])) {
 $productOptions = $orderItem->getProductOptions();
 if (isset($productOptions['bundle_selection_attributes'])) {
- $bundleSelectionAttributes = unserialize($productOptions['bundle_selection_attributes']);
+ $bundleSelectionAttributes = unserialize($productOptions['bundle_selection_attributes'], ['allowed_classes' => false]);
 if ($bundleSelectionAttributes) {
 $qty = $bundleSelectionAttributes['qty'] * $qtys[$orderItem->getParentItemId()];
diff --git a/app/code/core/Mage/Sales/controllers/DownloadController.php b/app/code/core/Mage/Sales/controllers/DownloadController.php
index 13ec7ca8954..4b97264748b 100644
--- a/app/code/core/Mage/Sales/controllers/DownloadController.php
+++ b/app/code/core/Mage/Sales/controllers/DownloadController.php
@@ -127,7 +127,7 @@ public function downloadProfileCustomOptionAction()
 $orderItemInfo = $recurringProfile->getData('order_item_info');
 try {
- $request = unserialize($orderItemInfo['info_buyRequest']);
+ $request = unserialize($orderItemInfo['info_buyRequest'], ['allowed_classes' => false]);
 if ($request['product'] != $orderItemInfo['product_id']) {
 $this->_forward('noRoute');
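Review bot: In prepareShipment (`@@ -171,7`), `if ($bundleSelectionAttributes)` only filters out `false`; a stored payload that contained an object now comes back as a truthy `__PHP_Incomplete_Class`, and the next line's `$bundleSelectionAttributes['qty']` then throws an Error for using an object as an array. Tighten the check to `if (is_array($bundleSelectionAttributes)) {`. The enclosing foreach/if block continues outside the hunk.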
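Review bot: In downloadProfileCustomOptionAction (`@@ -127,7`), `$request['product']` is read without checking that unserialize() produced an array: on `false` this reads an offset of a bool (a notice since PHP 7.4) and only forwards to noRoute because `null != product_id` happens to hold, and on an incomplete-class object it throws inside the try. Make the intent explicit with `if (!is_array($request) || $request['product'] != $orderItemInfo['product_id']) {`. The try block continues outside the hunk, so I cannot see what the catch does with the Error.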
diff --git a/app/code/core/Mage/Weee/Helper/Data.php b/app/code/core/Mage/Weee/Helper/Data.php
index 58eb375ea52..5eeab06ca3d 100644
--- a/app/code/core/Mage/Weee/Helper/Data.php
+++ b/app/code/core/Mage/Weee/Helper/Data.php
@@ -277,7 +277,7 @@ public function getApplied($item)
 if (empty($data)) {
 return array();
 }
- return unserialize($item->getWeeeTaxApplied());
+ return unserialize($item->getWeeeTaxApplied(), ['allowed_classes' => false]);
 }
 /**
diff --git a/app/code/core/Mage/Widget/Model/Resource/Widget.php b/app/code/core/Mage/Widget/Model/Resource/Widget.php
index d07987047d5..0472fb34f22 100644
--- a/app/code/core/Mage/Widget/Model/Resource/Widget.php
+++ b/app/code/core/Mage/Widget/Model/Resource/Widget.php
@@ -60,7 +60,7 @@ public function loadPreconfiguredWidget($widgetId)
 $widget = $readAdapter->fetchRow($select, $bind);
 if (is_array($widget)) {
 if ($widget['parameters']) {
- $widget['parameters'] = unserialize($widget['parameters']);
+ $widget['parameters'] = unserialize($widget['parameters'], ['allowed_classes' => false]);
 }
 return $widget;
 }
diff --git a/app/code/core/Mage/Wishlist/Model/Item.php b/app/code/core/Mage/Wishlist/Model/Item.php
index 263fde84737..c977471691b 100644
--- a/app/code/core/Mage/Wishlist/Model/Item.php
+++ b/app/code/core/Mage/Wishlist/Model/Item.php
@@ -429,7 +429,7 @@ public function getProductUrl()
 public function getBuyRequest()
 {
 $option = $this->getOptionByCode('info_buyRequest');
- $initialData = $option ? unserialize($option->getValue()) : null;
+ $initialData = $option ? unserialize($option->getValue(), ['allowed_classes' => false]) : null;
 // There can be wrong data due to bug in Grouped products - it formed 'info_buyRequest' as Varien_Object
 if ($initialData instanceof Varien_Object) {
diff --git a/app/code/core/Mage/Wishlist/Model/Wishlist.php b/app/code/core/Mage/Wishlist/Model/Wishlist.php
index b56ef17e5e8..5b237254a74 100644
--- a/app/code/core/Mage/Wishlist/Model/Wishlist.php
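Review bot: getApplied (`@@ -277,7`) guards on `$data` but returns the raw unserialize() of `$item->getWeeeTaxApplied()` unchecked, so a corrupt value returns `false` where the empty path returns `array()`; I assume `$data` is assigned from the same getter above the hunk, which I cannot see. Normalise the return: `$applied = unserialize($item->getWeeeTaxApplied(), ['allowed_classes' => false]);` then `return is_array($applied) ? $applied : array();`, which also lets the Order/Item callers drop their own `is_array` checks over time.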
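Review bot: In getBuyRequest (`@@ -429,7`) the comment and the `instanceof Varien_Object` branch exist precisely to repair legacy rows where `info_buyRequest` was stored as a serialised Varien_Object; with `allowed_classes => false` that object now deserialises to a `__PHP_Incomplete_Class`, so the branch can never match and those rows are no longer repaired. Either whitelist only that class, `unserialize($option->getValue(), ['allowed_classes' => ['Varien_Object']])`, or remove the now-unreachable branch and update the comment to say such rows are treated as corrupt. The function body continues outside the hunk.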
+++ b/app/code/core/Mage/Wishlist/Model/Wishlist.php
@@ -348,7 +348,7 @@ public function addNewItem($product, $buyRequest = null, $forciblySetQty = false
 if ($buyRequest instanceof Varien_Object) {
 $_buyRequest = $buyRequest;
 } elseif (is_string($buyRequest)) {
- $_buyRequest = new Varien_Object(unserialize($buyRequest));
+ $_buyRequest = new Varien_Object(unserialize($buyRequest, ['allowed_classes' => false]));
 } elseif (is_array($buyRequest)) {
 $_buyRequest = new Varien_Object($buyRequest);
 } else {
diff --git a/app/code/core/Mage/Wishlist/controllers/IndexController.php b/app/code/core/Mage/Wishlist/controllers/IndexController.php
index 88020feb86c..173933bda64 100644
--- a/app/code/core/Mage/Wishlist/controllers/IndexController.php
+++ b/app/code/core/Mage/Wishlist/controllers/IndexController.php
@@ -755,7 +755,7 @@ public function downloadCustomOptionAction()
 }
 try {
- $info = unserialize($option->getValue());
+ $info = unserialize($option->getValue(), ['allowed_classes' => false]);
 $filePath = Mage::getBaseDir() . $info['quote_path'];
 $secretKey = $this->getRequest()->getParam('key');
diff --git a/errors/processor.php b/errors/processor.php
index 1ec731cd8a8..50080016708 100644
--- a/errors/processor.php
+++ b/errors/processor.php
@@ -502,7 +502,7 @@ public function loadReport($reportId)
 $reportContent = file_get_contents($this->_reportFile);
 if (!preg_match('/[oc]:[+\-]?\d+:"/i', $reportContent )) {
- $reportData = unserialize($reportContent );
+ $reportData = unserialize($reportContent, ['allowed_classes' => false]);
 }
 if (is_array($reportData)) {
 $this->_setReportData($reportData);
diff --git a/lib/Mage/Cache/Backend/File.php b/lib/Mage/Cache/Backend/File.php
index 4f316384a63..d21717532a1 100644
--- a/lib/Mage/Cache/Backend/File.php
+++ b/lib/Mage/Cache/Backend/File.php
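Review bot: In downloadCustomOptionAction (`@@ -755,7`), `$info['quote_path']` is concatenated into a filesystem path before anything verifies that unserialize() returned an array containing that key; a malformed option value yields `false`, the offset read then yields `null`, and `$filePath` silently collapses to the bare base directory before the key check that follows. Add `if (!is_array($info) || empty($info['quote_path'])) { $this->_forward('noRoute'); return; }` ahead of the `$filePath` line, mirroring the noRoute handling used in the Sales DownloadController. The try block continues outside the hunk.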
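Review bot: In loadReport (`@@ -502,7`), `$reportData` is assigned only inside the `if`, so when the regex pre-check rejects the content `is_array($reportData)` reads an undefined variable (a warning on PHP 8). Initialise it explicitly with `$reportData = null;` before the `if`. The regex guard is still worth keeping alongside `allowed_classes => false`: it rejects object payloads outright instead of letting them through as `__PHP_Incomplete_Class` instances inside the array.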
@@ -407,7 +407,7 @@ protected function _getCache($file, $withData)
 flock($fd, LOCK_UN);
 }
 fclose($fd);
- $metadata = @unserialize(rtrim($metadata, "\n"));
+ $metadata = @unserialize(rtrim($metadata, "\n"), ['allowed_classes' => false]);
 if ($withData) {
 return array($metadata, $data);
 }
diff --git a/lib/Varien/Db/Adapter/Pdo/Mysql.php b/lib/Varien/Db/Adapter/Pdo/Mysql.php
index 6981be6c9e5..7e5a54633c0 100644
--- a/lib/Varien/Db/Adapter/Pdo/Mysql.php
+++ b/lib/Varien/Db/Adapter/Pdo/Mysql.php
@@ -1564,7 +1564,7 @@ public function loadDdlCache($tableCacheKey, $ddlType)
 $cacheId = $this->_getCacheId($tableCacheKey, $ddlType);
 $data = $this->_cacheAdapter->load($cacheId);
 if ($data !== false) {
- $data = unserialize($data);
+ $data = unserialize($data, ['allowed_classes' => false]);
 $this->_ddlCache[$ddlType][$tableCacheKey] = $data;
 }
 return $data;
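Review bot: In _getCache the `@` still hides the E_NOTICE from a corrupt metadata line and the result goes back unchecked in `array($metadata, $data)`, so callers receive `false` as the metadata of an entry that looks valid. Since the options array is now spelled out anyway, drop the `@` and validate the result, e.g. `if (!is_array($metadata)) {` followed by whatever this backend uses for a miss — presumably `return false;`, but the function's start is outside the hunk so I cannot confirm that convention.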