PHP :: Bug #31402 :: unserialize creates a field containing a reference when it should not

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for

Bug #31402

unserialize creates a field containing a reference when it should not

Submitted:

2005-01-04 09:22 UTC

Modified:

2005-06-17 15:53 UTC

Votes:	7
Avg. Score:	4.7 ± 0.7
Reproduced:	6 of 6 (100.0%)
Same Version:	5 (83.3%)
Same OS:	2 (33.3%)

From:

otto at efficiency-online dot nl

Assigned:

dmitry (profile)

Status:

Closed

Package:

Scripting Engine problem

PHP Version:

5CVS, 4CVS (2005-01-18)

OS:

*

Private report:

No

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	otto at efficiency-online dot nl
New email:
PHP Version:		OS:

New Comment:

[2005-01-04 09:22 UTC] otto at efficiency-online dot nl

Description:
------------
An object having a field initialized to a element of an array   in the same object is transformed into a reference after unserializing. I had a session object exposing this problem and managed to create a code snippet exposing the problem. After the assignment to the field $y->B, the array should not have changed, but it is changed.
It looks like $y->B has become a reference to $y->A[1] after the unserialize call. This is a regression wrt to 4.3.9 and might be related to bug Bug #31213.

Reproduce code:
---------------
<?php 

class X {
  var $i;

  function X($i) {
    $this->i = $i;
  }
}

class Y {
  var $A = array();
  var $B;

  function x() {
    $this->A[1] = new X(1);
    $this->A[2] = new X(2);
    $this->B = $this->A[1];
  }
}

$x = new Y();
$x->x();

echo "original object:\n";
print_r($x);

$ser = serialize($x);
$y = unserialize($ser);

echo "after unserialize:\n";
print_r($y);
$y->B = $y->A[2];
echo "after assignment:\n";
print_r($y);

?>

Expected result:
----------------
// result with 4.3.9
original object:
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 1
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 1
        )

)
after unserialize:
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 1
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 1
        )

)
after assignment:
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 1
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 2
        )

)

Actual result:
--------------
// result with 4.3.10
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 1
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 1
        )

)
after unserialize:
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 1
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 1
        )

)
after assignment:
y Object
(
    [A] => Array
        (
            [1] => x Object
                (
                    [i] => 2
                )

            [2] => x Object
                (
                    [i] => 2
                )

        )

    [B] => x Object
        (
            [i] => 2
        )

)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-06-17 15:53 UTC] dmitry@php.net

Fixed in PHP_4_4.
It was already fixed in HEAD and PHP_5_0.


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Sep 16 13:00:01 2025 UTC