Bug #75237 jsonSerialize() - Returning new instance of self causes segfault
Submitted: 2017-09-20 21:39 UTC Modified: 2017-10-05 10:48 UTC
From: sammyk@php.net Assigned:
Status: Duplicate Package: JSON related
PHP Version: Irrelevant OS: macOS 10.12.6
Private report: No CVE-ID: None
 [2017-09-20 21:39 UTC] sammyk@php.net
Description:
------------
You can easily create a segfault in jsonSerialize() by returning a new instance of self. You can see this affects all actively supported versions of PHP here: https://3v4l.org/tLMv6

I'm working on a patch and will be submitting it as a PR soon. :)

Test script:
---------------
<?php

class Foo implements JsonSerializable {
  public function jsonSerialize() {
    return new self;
  }
}

var_dump(json_encode(new Foo));


Expected result:
----------------
We should see a fatal error raised or an exception thrown.

Actual result:
--------------
Segmentation fault. Doh!

History

 [2017-10-05 10:48 UTC] nikic@php.net
-Status: Open +Status: Duplicate
 [2017-10-05 10:48 UTC] nikic@php.net
This is a standard infinite recursion stack overflow -- I'm marking it as a duplicate of #64196, which is about __clone(), but the same general issue.
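
The recursion discussed in this report, as an added example that is not part of the original report or of PHP's own code: a class whose jsonSerialize() returns another instance of itself can carry a hop count so the chain ends in a catchable exception, and returning plain data avoids the chain altogether. It assumes PHP 8.0 or later; `BoundedFoo`, `PlainFoo`, `MAX_HOPS` and `$hop` are hypothetical names.

```php
<?php
// Added illustration, not code from the bug report. Assumes PHP 8.0+.
// BoundedFoo, PlainFoo, MAX_HOPS and $hop are hypothetical names.

final class BoundedFoo implements JsonSerializable
{
    private const MAX_HOPS = 64;

    // $hop counts how many jsonSerialize() results led to this instance.
    public function __construct(private int $hop = 0) {}

    public function jsonSerialize(): mixed
    {
        // The encoder calls jsonSerialize() on each returned object only after
        // the previous call has returned, so a static "currently inside"
        // counter never rises above 1. The count has to travel with the object.
        if ($this->hop >= self::MAX_HOPS) {
            throw new LogicException(
                sprintf('%s: jsonSerialize() chain exceeded %d hops', self::class, self::MAX_HOPS)
            );
        }
        return new self($this->hop + 1);
    }
}

// Preferred shape: return plain data, so the encoder has nothing to call back into.
final class PlainFoo implements JsonSerializable
{
    public function __construct(private string $name = 'foo') {}

    public function jsonSerialize(): mixed
    {
        return ['name' => $this->name];
    }
}

try {
    json_encode(new BoundedFoo());
} catch (LogicException $e) {
    // The chain is cut off in userland instead of exhausting the C stack.
    echo 'caught: ', $e->getMessage(), PHP_EOL;
}

echo json_encode(new PlainFoo()), PHP_EOL;
```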
 
Last updated: Thu Nov 21 13:01:29 2024 UTC