Description:
------------
tested PHP version: PHP 7.0.18-dev (macOS Sierra 10.12.3)
configure option: --without-iconv

According to `ext/standard/var_unsrializer.re`, serialized float number is defined as `"d:" (iv | nv | nvexp) ";"`.
https://github.com/php/php-src/blob/fd4025069d561b4196851c2e9a85b5bfdfe1465a/ext/standard/var_unserializer.re#L731

And `nvexp` is defined as following:
> iv = [+-]? [0-9]+;
> nv = [+-]? ([0-9]* "." [0-9]+|[0-9]+ "." [0-9]*);
> nvexp = (iv | nv) [eE] [+-]? iv;
https://github.com/php/php-src/blob/fd4025069d561b4196851c2e9a85b5bfdfe1465a/ext/standard/var_unserializer.re#L320-L322

Since `nvexp` exponent part, i.e. `[+-]? iv`, contains optional plus/minus sign (`[+-]?`) and `iv`, and `iv` may contain plus/minus sign, `nvexp` may contain two plus/minus signs for exponent part.

In addition, if exponent part of serialized float number contains two plus/minus signs, the information of the exponent part is not used during unserializing.


Test script:
---------------
<?php
error_reporting(E_ALL);
var_dump(unserialize('d:2e+2;'));
var_dump(unserialize('d:2e++2;'));
var_dump(unserialize('d:2e+++2;'));


Expected result:
----------------
float(200)

Notice: unserialize(): Error at offset 0 of 8 bytes in %s on line %d
bool(false)

Notice: unserialize(): Error at offset 0 of 9 bytes in %s on line %d
bool(false)


Actual result:
--------------
float(200)
float(2)

Notice: unserialize(): Error at offset 0 of 9 bytes in %s on line %d
bool(false)