php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #19493 Error in older versions of serializer results in error of currend deserializer
Submitted: 2002-09-19 04:38 UTC Modified: 2002-11-07 01:00 UTC
Votes:3
Avg. Score:4.3 ± 0.9
Reproduced:3 of 3 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (33.3%)
From: matthias dot boldt at ticket-web dot de Assigned:
Status: No Feedback Package: Strings related
PHP Version: 4.2.3 OS: Linux 2.4.18
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
41 + 22 = ?
Subscribe to this entry?

 
 [2002-09-19 04:38 UTC] matthias dot boldt at ticket-web dot de 
There was an error in older versions (4.1.0) of the serializer code (it's possible the error is in the current code, too): some times, the element-count for objects was to hight. 

The old deserializer-code seams to ignore this problem. The new code has problems with that issue. We have many huge databases with serialized structures at some points. Thats why, we must use the old data :-(

I've fixed the problem with a little change in ext/standard/var_unserializer.re, function process_nested_data :


static inline int process_nested_data(UNSERIALIZE_PARAMETER, HashTable *ht, int elements)
{
	while (elements-- > 0) {
		zval *key, *data;

		ALLOC_INIT_ZVAL(key);

		if (!php_var_unserialize(&key, p, max, NULL TSRMLS_CC)) {
			zval_dtor(key);
			FREE_ZVAL(key);
		} else {
  			ALLOC_INIT_ZVAL(data);

			if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
				zval_dtor(key);
				FREE_ZVAL(key);
				zval_dtor(data);
				FREE_ZVAL(data);
			} else {
				switch (Z_TYPE_P(key)) {
					case IS_LONG:
						zend_hash_index_update(ht, Z_LVAL_P(key), &data, sizeof(data), NULL);
						break;
					case IS_STRING:
						zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof(data), NULL);
						break;

				}
		
				zval_dtor(key);
				FREE_ZVAL(key);
			}
		}
	}

	return 1;
}

Now, it doesn't have a problem with to hight element counters. It would be great, if the developer of the new deserializer-code could look at this change and eventually
integrate it into the CVS-tree.

Greetings from Berlin,
   Matthias

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-09-19 04:53 UTC] matthias dot boldt at ticket-web dot de 
I've changed thd category ...
 [2002-09-19 09:05 UTC] sander@php.net 
Please supply a unified diff here.
 [2002-09-19 09:44 UTC] matthias dot boldt at ticket-web dot de 
There is the diff:


--- ext/standard/var_unserializer.re.old	Thu Sep 19 16:34:32 2002
+++ ext/standard/var_unserializer.re	Thu Sep 19 11:20:08 2002
@@ -144,31 +144,29 @@
 		if (!php_var_unserialize(&key, p, max, NULL TSRMLS_CC)) {
 			zval_dtor(key);
 			FREE_ZVAL(key);
-			return 0;
-		}
-
-		ALLOC_INIT_ZVAL(data);
-
-		if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
-			zval_dtor(key);
-			FREE_ZVAL(key);
-			zval_dtor(data);
-			FREE_ZVAL(data);
-			return 0;
-		}
+		} else {
+  			ALLOC_INIT_ZVAL(data);
 
-		switch (Z_TYPE_P(key)) {
-			case IS_LONG:
-				zend_hash_index_update(ht, Z_LVAL_P(key), &data, sizeof(data), NULL);
-				break;
-			case IS_STRING:
-				zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof(data), NULL);
-				break;
+			if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
+				zval_dtor(key);
+				FREE_ZVAL(key);
+				zval_dtor(data);
+				FREE_ZVAL(data);
+			} else {
+				switch (Z_TYPE_P(key)) {
+					case IS_LONG:
+						zend_hash_index_update(ht, Z_LVAL_P(key), &data, sizeof(data), NULL);
+						break;
+					case IS_STRING:
+						zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof(data), NULL);
+						break;
 
-		}
+				}
 		
-		zval_dtor(key);
-		FREE_ZVAL(key);
+				zval_dtor(key);
+				FREE_ZVAL(key);
+			}
+		}
 	}
 
 	return 1;
@@ -396,9 +394,9 @@
 }
 
 "}" {
-	/* this is the case where we have less data than planned */
+	// this is the case where we have less data than planned
 	zend_error(E_NOTICE, "Unexpected end of serialized data");
-	return 0; /* not sure if it should be 0 or 1 here? */
+	return 0; // not sure if it should be 0 or 1 here?
 }
 
 any	{ return 0; }
 [2002-09-19 13:17 UTC] kalowsky@php.net 
No C++ comment styles allowed!  Can you fix that and resubmit the patch?
 [2002-09-20 02:19 UTC] matthias dot boldt at ticket-web dot de 
Hello, there is a new patch (without C++-comments :-):

--- ext/standard/var_unserializer.re.old	Thu Sep 19 16:34:32 2002
+++ ext/standard/var_unserializer.re	Fri Sep 20 09:07:25 2002
@@ -144,31 +144,29 @@
 		if (!php_var_unserialize(&key, p, max, NULL TSRMLS_CC)) {
 			zval_dtor(key);
 			FREE_ZVAL(key);
-			return 0;
-		}
-
-		ALLOC_INIT_ZVAL(data);
-
-		if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
-			zval_dtor(key);
-			FREE_ZVAL(key);
-			zval_dtor(data);
-			FREE_ZVAL(data);
-			return 0;
-		}
+		} else {
+  			ALLOC_INIT_ZVAL(data);
 
-		switch (Z_TYPE_P(key)) {
-			case IS_LONG:
-				zend_hash_index_update(ht, Z_LVAL_P(key), &data, sizeof(data), NULL);
-				break;
-			case IS_STRING:
-				zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof(data), NULL);
-				break;
+			if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
+				zval_dtor(key);
+				FREE_ZVAL(key);
+				zval_dtor(data);
+				FREE_ZVAL(data);
+			} else {
+				switch (Z_TYPE_P(key)) {
+					case IS_LONG:
+						zend_hash_index_update(ht, Z_LVAL_P(key), &data, sizeof(data), NULL);
+						break;
+					case IS_STRING:
+						zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof(data), NULL);
+						break;
 
-		}
+				}
 		
-		zval_dtor(key);
-		FREE_ZVAL(key);
+				zval_dtor(key);
+				FREE_ZVAL(key);
+			}
+		}
 	}
 
 	return 1;
 [2002-09-25 07:24 UTC] sas@php.net 
While the session module makes use of the serializer, it is not the serializer itself.

Reclassified as "Strings related".
 [2002-10-18 16:49 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip
 [2002-11-07 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 22:01:28 2024 UTC