PHP :: Bug #68319 :: base64 encode / serialize objects

Bug #68319	base64 encode / serialize objects
Submitted:	2014-10-28 14:41 UTC	Modified:	2017-01-01 20:49 UTC
From:	ljsteadman at gmail dot com	Assigned:	leigh (profile)
Status:	Duplicate	Package:	Class/Object related
PHP Version:	master-Git-2014-10-28 (Git)	OS:	CentOS release 6.5
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	ljsteadman at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2014-10-28 14:41 UTC] ljsteadman at gmail dot com

Description:
------------
unserializing a base64 encoded string, which contains an object, causes property issues if the defined class changes property visibility.

Test script:
---------------
http://3v4l.org/mnHXp

Expected result:
----------------
The defined class should take precedence over the serialized object. If the class definitions mismatch, throw a warning.

Actual result:
--------------
Two properties end up on the object, both the same name, but with different visibility.

Patches

Pull Requests

Pull requests:

fix http iframe in edit.doc.net preview (web-doc-editor/6)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-10-28 16:37 UTC] leigh@php.net

-Status: Open +Status: Verified -Assigned To: +Assigned To: leigh

[2017-01-01 20:49 UTC] nikic@php.net

-Status: Verified +Status: Duplicate

[2017-01-01 20:49 UTC] nikic@php.net

This is a duplicate of bug #49649.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 18:01:29 2024 UTC