Bug #14082 unserialize have problems with negative numbers
Submitted: 2001-11-16 08:20 UTC Modified: 2001-11-16 13:13 UTC
From: alberty at neptunelabs dot com Assigned:
Status: Closed Package: Variables related
PHP Version: 4.0CVS-2001-11-16 OS: i686-pc-linux-gnu
Private report: No CVE-ID: None


 [2001-11-16 08:20 UTC] alberty at neptunelabs dot com

I have detected two annoying bugs ;-) with serialize/unserialize.

The first bug indicates that unserialize can't work with negative
integer numbers.

The second problem brings PHP to crash! Unserialize
crashes if you manipulate the count of the expected array.

Bug 1:

// Results: 'Warning: unserialize() failed at offset 13 of 39 bytes'
//          and an empty result string, but not false 
// because $foo['a'] is -1

if ($bar!=false){
	echo $bar;
}

Bug 2:

// Result: PHP crash, because the array number is smaller than serialized string

//             ^- actually 2

I have tried to make a bt, but gdb notifies no fault.
In debug mode some of my scripts warn with this:
"Warning: String is not zero-terminated (source: ./zend_execute.c:449)"
but I think that is another problem.


 [2001-11-16 13:13 UTC]
Fixed in CVS
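
The two failure modes reported above (a signed integer value, and an array count that disagrees with the elements that follow) are the kind of input a bounds-checked parser has to reject or accept explicitly. The validator below is an added example, not PHP's own code and not the fix that was committed; it covers only the `i:`, `s:` and `a:` forms, and the names `cur_t`, `eat`, `num`, `value` and `php_ser_valid` are hypothetical.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

typedef struct { const char *p, *end; } cur_t;  /* cursor; every read checks end */
static int eat(cur_t *c, char ch) {
    if (c->p < c->end && *c->p == ch) { c->p++; return 1; }
    return 0;
}

/* Decimal number; a leading '-' is accepted only when neg_ok is set. */
static int num(cur_t *c, int neg_ok, long *out) {
    int neg = neg_ok && eat(c, '-');
    const char *start = c->p;
    long v = 0;
    while (c->p < c->end && *c->p >= '0' && *c->p <= '9') {
        if (v > (LONG_MAX - 9) / 10) return 0;   /* overflow guard */
        v = v * 10 + (*c->p++ - '0');
    }
    *out = neg ? -v : v;
    return c->p != start;                        /* at least one digit */
}

/* One value of the subset i:, s:, a: (array keys are not type-restricted here). */
static int value(cur_t *c, int depth) {
    long n;
    char t = c->p < c->end ? *c->p++ : 0;        /* 0: no input left */
    if (depth > 32 || !t || !eat(c, ':')) return 0;
    if (t == 'i') return num(c, 1, &n) && eat(c, ';');
    if (!num(c, 0, &n)) return 0;                /* lengths and counts are unsigned */
    if (t == 's') {
        if (!eat(c, ':') || !eat(c, '"') || n > c->end - c->p) return 0;
        c->p += n;                               /* declared length fits the buffer */
        return eat(c, '"') && eat(c, ';');
    }
    if (t != 'a' || !eat(c, ':') || !eat(c, '{')) return 0;
    while (n-- > 0)                              /* exactly n key/value pairs */
        if (!value(c, depth + 1) || !value(c, depth + 1)) return 0;
    return eat(c, '}');                          /* count mismatch fails here */
}

int php_ser_valid(const char *s) {               /* 1 only for exactly one whole value */
    cur_t c = { s, s + strlen(s) };
    return value(&c, 0) && c.p == c.end;
}
int main(void) {                                 /* constructed samples */
    printf("%d\n", php_ser_valid("a:1:{s:1:\"a\";i:-1;}"));
    printf("%d\n", php_ser_valid("a:1:{s:1:\"a\";i:-1;s:1:\"b\";i:2;}"));
}
```

A declared count that is too small fails at the closing-brace check, and one that is too large fails when the next element cannot be read inside the buffer; neither case reads past `end`.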

Last updated: Wed Sep 22 17:03:37 2021 UTC