Bug #62672 Error on serialize of ArrayObject
Submitted: 2012-07-27 11:04 UTC
Modified: -
Votes: 5
Avg. Score: 3.6 ± 0.8
Reproduced: 5 of 5 (100.0%)
Same Version: 2 (40.0%)
Same OS: 0 (0.0%)
From: t dot weber at interexa dot de
Assigned:
Status: Closed
Package: SPL related
PHP Version: 5.3.15
OS: Cent OS
Private report: No
CVE-ID: None

 [2012-07-27 11:04 UTC] t dot weber at interexa dot de
Description:
------------
Serialize and direct unserialize of objects does not work if the return value of ArrayObject::getIterator is contained in the parent class (see test script).

Test script:
---------------
class ObjA
{
    private $_varA;

    public function __construct(Iterator $source)
    {
        $this->_varA = $source;
    }
}

class ObjB extends ObjA
{
    private $_varB;

    public function __construct(ArrayObject $keys)
    {
        $this->_varB = $keys;
        parent::__construct($keys->getIterator());
    }
}

$obj = new ObjB(new ArrayObject());

unserialize(serialize($obj));


Patches

bug_26272 (last revision 2012-08-05 12:54 UTC by lior dot k at zend dot com)

History

 [2012-07-27 16:08 UTC] j dot henge-ernst at interexa dot de
The problem is that the unserialize of ArrayIterator (and maybe also ArrayObject or other SPL classes) cannot dereference object references.

A simpler test case:
<?php
$x = new ArrayObject();
$t = array($x, $x->getIterator());
$s = serialize($t);
$e = unserialize($s);

Fatal error: Uncaught exception 'UnexpectedValueException' with message 'Error at offset 13 of 26 bytes' in /tmp/test2.php:5
Stack trace:
#0 [internal function]: ArrayIterator->unserialize('x:i:16777216;r:...')
#1 /tmp/test2.php(5): unserialize('a:2:{i:0;C:11:"...')
#2 {main}
  thrown in /tmp/test2.php on line 5

If the order in the array is reversed it works, as now the ArrayObject is only a reference in the array.

Same behaviour with PHP 5.4.5
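
The two array orders discussed in the comment above, written as a round-trip regression check. This is an added example, not code from the report or from php-src; the function names roundTrip and runCases are hypothetical, and the syntax is kept compatible with the PHP 5.3 line the report was filed against.

```php
<?php
// Added example (not part of the report): regression check for bug #62672.

/**
 * Round-trip $graph through serialize()/unserialize().
 * Returns array(bool $ok, string $detail).
 */
function roundTrip($graph, array $expectedClasses)
{
    $bytes = serialize($graph);
    try {
        $copy = unserialize($bytes);
    } catch (UnexpectedValueException $e) {
        // The exception type ArrayIterator->unserialize() raised in the report.
        return array(false, get_class($e) . ': ' . $e->getMessage());
    }
    if (!is_array($copy) || count($copy) !== count($expectedClasses)) {
        return array(false, 'unserialize() did not return the expected array');
    }
    foreach ($expectedClasses as $i => $class) {
        if (!($copy[$i] instanceof $class)) {
            return array(false, "element $i is not an instance of $class");
        }
    }
    return array(true, strlen($bytes) . ' bytes round-tripped');
}

function runCases()
{
    $x = new ArrayObject();
    $y = new ArrayObject();
    $cases = array(
        // Order from the comment above: the object comes first, so the
        // iterator's payload holds a back-reference to it.
        'object, iterator' => array(array($x, $x->getIterator()),
                                    array('ArrayObject', 'ArrayIterator')),
        // Reversed order, reported as working.
        'iterator, object' => array(array($y->getIterator(), $y),
                                    array('ArrayIterator', 'ArrayObject')),
    );
    $results = array();
    foreach ($cases as $name => $case) {
        $results[$name] = roundTrip($case[0], $case[1]);
    }
    return $results;
}

foreach (runCases() as $name => $result) {
    printf("%-18s %s  %s\n", $name, $result[0] ? 'PASS' : 'FAIL', $result[1]);
}
```

On a build that still has the bug, the first case reports the UnexpectedValueException shown in the stack trace above and the second passes.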
 [2012-08-05 12:56 UTC] lior dot k at zend dot com
Please see the attached patch by Yoram Bar-Haim <yoram.b@zend.com>
 [2012-11-25 11:16 UTC] lior dot k at zend dot com
ping ?
 [2013-06-26 00:18 UTC] felipe@php.net
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=04db57066deb73ef9c960a2c5bebad49195bc1bb
Log: - Fixed bug #62672 (Error on serialize of ArrayObject) patch by: lior dot k at zend dot com
 [2013-06-26 00:18 UTC] felipe@php.net
-Status: Open +Status: Closed
 [2013-06-26 07:39 UTC] lior dot k at zend dot com
Thanks for including the patch, credit goes to "Yoram Bar-Haim <yoram.b@zend.com>" not myself (I'm just the messenger).
 [2014-10-07 23:18 UTC] stas@php.net
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=04db57066deb73ef9c960a2c5bebad49195bc1bb
Log: - Fixed bug #62672 (Error on serialize of ArrayObject) patch by: lior dot k at zend dot com
 [2014-10-07 23:29 UTC] stas@php.net
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=04db57066deb73ef9c960a2c5bebad49195bc1bb
Log: - Fixed bug #62672 (Error on serialize of ArrayObject) patch by: lior dot k at zend dot com
 
Last updated: Thu Nov 21 12:01:29 2024 UTC