Remi's RPM repository - Packages

Blog | Forum | Repository | Wizard

php-brumann-polyfill-unserialize - Backports unserialize options introduced in PHP 7.0

Website:
https://github.com/dbrumann/polyfill-unserialize
Licence:
MIT
Vendor:
Remi Collet
Description:
Backports unserialize options introduced in PHP 7.0 to older PHP versions. This
was originally designed as a Proof of Concept for Symfony Issue
[#21090](https://github.com/symfony/symfony/pull/21090).

You can use this package in projects that rely on PHP versions older than PHP
7.0. In case you are using PHP 7.0+ the original unserialize() will be used
instead.

From the
[documentation](https://secure.php.net/manual/en/function.unserialize.php):

> Warning: Do not pass untrusted user input to unserialize(). Unserialization
> can result in code being loaded and executed due to object instantiation and
> autoloading, and a malicious user may be able to exploit this.

This warning holds true even when `allowed_classes` is used.

Autoloader: /usr/share/php/Brumann/Polyfill/autoload.php

Packages

php-brumann-polyfill-unserialize-1.0.3-1.el6.remi.noarch [7 KiB] Changelog by Shawn Iwinski (2019-05-08):
- Initial package