php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #43319 Serialization of objects with Serializable interface and circular references
Submitted: 2007-11-17 15:26 UTC Modified: 2007-11-18 19:03 UTC
From: dnfeitosa@php.net Assigned:
Status: Not a bug Package: Reproducible crash
PHP Version: 5.2.5 OS: Linux, Windows
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dnfeitosa@php.net
New email:
PHP Version: OS:

 

 [2007-11-17 15:26 UTC] dnfeitosa@php.net 
Description:
------------
Apache crashes and CLI segfault when serializing objects which have circular references and implements the Serializable interface.
Whitout the interface, the serialization and deserialization occurs without any problem.

Reproduce code:
---------------
<?php

class A implements Serializable {

  private $b;

  public function setB($b) {
    $this->b = $b;
  }
  
  public function serialize() {
    return serialize($this->b);
  }
  
  public function unserialize($s) {
    $this->b = unserialize($s);
  }

}

class B {

  private $a;

  public function __construct($a) {
    $a->setB($this);
    $this->a = $a;
  }
}


$a = new A();
$b = new B($a);

var_dump(serialize($b));
?>


Expected result:
----------------
The string of the serialized object.

Actual result:
--------------
Apache crash or cli segfault.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-11-18 04:28 UTC] crrodriguez+php at suse dot de 
This causes infinite recursion,hence a crash..  I expect a very clear:

zend_error(E_ERROR, "Nesting level too deep - recursive dependency?");
 [2007-11-18 17:35 UTC] dnfeitosa@php.net 
I don't know if this is the more apropriated solution for this problem.
When you try without the use of interface, you have the same recursion, but no crash.
 [2007-11-18 19:03 UTC] johannes@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

When having your own serialization function you have to take care of recursion yourself. We can't handle infinite recursions in a good way, see other bug reports about recursion issues.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 03 09:01:34 2025 UTC