php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #15220 unserialize() failed at offset X of X bytes
Submitted: 2002-01-25 05:33 UTC Modified: 2002-02-01 07:56 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: jfl at eksperten dot dk Assigned:
Status: Not a bug Package: Unknown/Other Function
PHP Version: 4.1.1 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: jfl at eksperten dot dk
New email:
PHP Version: OS:

 

 [2002-01-25 05:33 UTC] jfl at eksperten dot dk 
I have a function that stores MySQL result arrays or my own arrays in a MySQL database.

Often I get an error like "unserialize() failed at offset 1717 of 3658 bytes".

I believe this is a bug in Php as it does not happen always.

My function :

	function sql_cache ($query, $timeout = 90, $result = "") {
		if ($timeout >= 0) {
			$SQL = "SELECT result FROM sql_cache WHERE qkey = '".md5($query)."' AND valid = 1";
			if ($timeout) {
				$SQL .= " AND timestamp >= ".(time() - $timeout);
			}
 			$SQL .= " LIMIT 1";
			if ($RS = mysql_query($SQL, db_conn)) {
				if ($RSarray = mysql_fetch_row($RS)) {
					mysql_free_result($RS);
					$return = unserialize($RSarray[0]);
					if (is_array($return)) {
						return $return;
					} elseif (is_string($return)) {
						return $return;
					} else {
						//print(gettype($return));
						return false;
					}
				}
			}
		} else {
			$SQL = "REPLACE LOW_PRIORITY sql_cache SET qkey = '".md5($query)."', result = '".serialize($result)."', timestamp = ".time().", query = '".addslashes($query)."'";
			mysql_unbuffered_query($SQL, db_conn);
		}
		return false;
	}

My MySQL table :

CREATE TABLE sql_cache (
  qkey varchar(32) NOT NULL default '',
  valid tinyint(1) unsigned NOT NULL default '1',
  timestamp int(10) unsigned NOT NULL default '0',
  result blob NOT NULL,
  query text NOT NULL,
  PRIMARY KEY  (qkey)
) TYPE=MyISAM;

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-25 05:36 UTC] jfl at eksperten dot dk 
I use this @ www.eksperten.dk 
Let me know if I can help with anything !
 [2002-01-25 11:54 UTC] sander@php.net 
Can you supply some (malicious) sample data (in- and output of (un)serialize) along with a simple samplescript?
 [2002-01-25 12:38 UTC] jfl at eksperten dot dk 
I can provide the data that failed here :
http://www.eksperten.dk/bug.phtml

Is that ok, otherwise let me know !
 [2002-01-25 12:47 UTC] jfl at eksperten dot dk 
I use this script :

<?
	require($_SERVER["DOCUMENT_ROOT"]."/lib/db.phtml");

	function error_control ($errno, $errstr, $errfile, $errline) {
		$errortype = array (
			1    =>  "Error",
			2    =>  "Warning",
			4    =>  "Parsing Error",
			8    =>  "Notice",
			16   =>  "Core Error",
			32   =>  "Core Warning",
			64   =>  "Compile Error",
			128  =>  "Compile Warning",
			256  =>  "User Error",
			512  =>  "User Warning",
			1024 =>  "User Notice"
		);
		//
		print("<BR>".$errortype[intval($errno)]." : ".$errstr."<BR>File : ".$errfile."<BR>Line : ".$errline);
	}

	error_reporting(E_ALL);
	$error_handler = set_error_handler("error_control");

	print("<TABLE BORDER=\"1\">\n");

	$SQL = "SELECT id, error_data FROM unserialize";
	$RS = mysql_query($SQL, db_conn);
	while ($RSarray = mysql_fetch_row($RS)) {
		unserialize($RSarray[1]);
		print("<TR>");
		print("<TD>".$RSarray[0]."</TD>");
		print("<TD>".$RSarray[1]."</TD>");
		print("</TR>\n");
	}

	print("</TABLE>\n");
?>
 [2002-01-25 15:21 UTC] sander@php.net 
I ran the two following scripts, to generate 100MB of random data, and pass it through serialize/unserialize. diff told me both output files were exactly the same.

<?php
$max = 1024*1024*100;
$f = fopen("./rnd-data", "w");
for($i=0; $i<$max; $i++) {
	fputs($f, chr(rand(0,255)));
}
fclose($f);
?>

<?php
$f = fopen('./rnd-data', 'r');
$data = fread($f, 1024*1024*100+1);
fclose($f);
$f = fopen('./rnd-output', 'w');
fputs($f, unserialize(serialize($data)));
fclose($f);
?>

Are you sure the data gets stored and retrieved correctly?

(btw tested with 4.1.1 on Debian (Sid) Linux)
 [2002-02-01 07:55 UTC] jfl at eksperten dot dk 
So sorry, the bug was in my db settings.
Sorry I wasted your time !
 [2002-02-01 07:56 UTC] derick@php.net 
oh! oh! oh! :)

Bogusifying then...

Derick
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat May 18 13:01:32 2024 UTC