Bug #75713 Serialization bug: wrong variable name length
Submitted: 2017-12-20 16:27 UTC Modified: 2017-12-20 17:14 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: axtux at hotmail dot com Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 7.0Git-2017-12-20 (Git) OS: Linux/Ubuntu
Private report: No CVE-ID: None
 [2017-12-20 16:27 UTC] axtux at hotmail dot com
Description:
------------
Versions tested and affected:
PHP 7.0.28-dev (cli) (built: Dec 20 2017 16:38:38) ( NTS )
PHP 7.0.22-0ubuntu0.16.04.1 (cli) ( NTS )

PHP serialization is buggy when using private class variables. Steps to reproduce:
1. create a Test class with at least one private variable
2. create an instance of this class and serialize it

This leads to a notice/warning/error when unserializing the serialized string. See the test snippet of code at https://pastebin.com/D9yM4G58

Test script:
---------------
<?php
error_reporting(E_ALL);

class Test
{
    public $v1;
    private $v2;
}

$t = new Test();
$s = serialize($t);
echo $s; // the private property name contains non-printable bytes that echo does not show

// copy value or notice is not shown
// (this hand-copied string is missing the two NUL bytes around "Test", so "Testv2" is 6 bytes, not the declared 8)
$s = 'O:4:"Test":2:{s:2:"v1";N;s:8:"Testv2";N;}';

$u = unserialize($s);


Expected result:
----------------
good variable name length

Actual result:
--------------
variable name length is 2 more than expected

History
 [2017-12-20 16:36 UTC] requinix@php.net
-Status: Open +Status: Not a bug -Package: *Data Exchange functions +Package: *General Issues
 [2017-12-20 16:36 UTC] requinix@php.net
Serialized strings are binary data containing mostly printable characters. Your
  $s = 'O:4:"Test":2:{s:2:"v1";N;s:8:"Testv2";N;}';
is invalid.

Simply echoing the original $s will not show you the full picture. Try with addslashes().
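To make the point of this reply concrete, here is an added example (written for this page, not code from the reporter or from the PHP project). PHP mangles a private property name to "\0ClassName\0property", so the two NUL bytes are part of the 8-byte length that serialize() writes, but a plain echo renders them invisibly. The helper names showSerialized and describePropertyKey are assumptions made for this example.

```php
<?php
// Added example for this page; not code from the bug reporter or the PHP project.
// Helper names (showSerialized, describePropertyKey) are assumptions made here.
error_reporting(E_ALL);

class Test
{
    public $v1;
    private $v2;
}

// Serialize and make the NUL bytes visible; echo alone hides them, which is
// why the declared length (8) looks two bytes too long for "Testv2".
function showSerialized($obj)
{
    $s = serialize($obj);
    return [
        'raw'       => $s,
        'visible'   => str_replace("\0", '\0', $s), // render each NUL as the two characters \0
        'hex'       => bin2hex($s),                  // or inspect the raw bytes
        'roundtrip' => unserialize($s) == $obj,      // the genuine serialize() output is valid
    ];
}

// Decode a mangled property key the way PHP does: a leading NUL marks a
// non-public property; "\0*\0name" is protected, "\0Class\0name" is private.
function describePropertyKey($key)
{
    if ($key === '' || $key[0] !== "\0") {
        return "public $key (" . strlen($key) . " bytes)";
    }
    $end   = strpos($key, "\0", 1);
    $scope = substr($key, 1, $end - 1);
    $name  = substr($key, $end + 1);
    $kind  = ($scope === '*') ? 'protected' : "private to $scope";
    return "$kind $name (" . strlen($key) . " bytes)";
}

$info = showSerialized(new Test());
echo $info['visible'], "\n";
echo $info['hex'], "\n";
echo 'round trip intact: ', var_export($info['roundtrip'], true), "\n";

// Casting an object to array exposes the same mangled keys that serialize() writes,
// so the byte count of each key can be checked directly.
foreach ((array) new Test() as $key => $value) {
    echo describePropertyKey($key), "\n";
}

// The hand-typed string from the report has lost the NULs: "Testv2" is 6 bytes
// while the header still claims 8, so unserialize() rejects it.
$handTyped = 'O:4:"Test":2:{s:2:"v1";N;s:8:"Testv2";N;}';
echo 'hand-typed string accepted: ', var_export(@unserialize($handTyped) !== false, true), "\n";
```

Run with the php CLI, the first line shows the private key as "\0Test\0v2", i.e. 1 + 4 + 1 + 2 = 8 bytes, matching the declared s:8; the round trip of the real serialize() output succeeds, and only the hand-typed copy that dropped the NULs fails to unserialize. The same inspection with addslashes(), as suggested above, also exposes the NUL bytes, alongside escaped quotes.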
 [2017-12-20 17:06 UTC] axtux at hotmail dot com
-Package: *General Issues +Package: *Data Exchange functions
 [2017-12-20 17:06 UTC] axtux at hotmail dot com
You misunderstood. The string 'O:4:"Test":2:{s:2:"v1";N;s:8:"Testv2";N;}' is actually what is returned by the serialize function. Try it.

The reason I set $s to it is that, for some reason, unserialize(serialize($obj)) does not print a notice (maybe some optimization?).
 [2017-12-20 17:09 UTC] requinix@php.net
> The string 'O:4:"Test":2:{s:2:"v1";N;s:8:"Testv2";N;}' is actually what is returned by serialize function. Try it.
No, actually, it isn't. Read what I said.
 [2017-12-20 17:09 UTC] requinix@php.net
-Package: *Data Exchange functions +Package: *General Issues
 [2017-12-20 17:14 UTC] axtux at hotmail dot com
Ok my bad, sorry.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Wed Jul 09 16:02:26 2025 UTC