php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19945 serialize function bug
Submitted: 2002-10-17 00:04 UTC Modified: 2002-11-04 01:00 UTC
Votes:18
Avg. Score:5.0 ± 0.0
Reproduced:16 of 16 (100.0%)
Same Version:8 (50.0%)
Same OS:8 (50.0%)
From: gaopeng at eazier dot com Assigned:
Status: No Feedback Package: Arrays related
PHP Version: 4.2.2 OS: FreeBSD 4.2
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2002-10-17 00:04 UTC] gaopeng at eazier dot com
when serialize a array which contains special characters such as "'", """, "\", php4 cannot unserialize it correct, i think the problem is the length of string when do unserialize.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-17 00:42 UTC] derick@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip
 [2004-02-10 07:47 UTC] skold at habber dot net
I've run into this problem as well. So far I've had the same problem on 4.3.2, 4.3.4, 4.3.5RC2. The latest snapshot (as of Feb 10) won't compile for me.

The problem, like gaopeng said, is with quotes and such. serialize() doesn't store the proper length and it won't unserialize properly.

For example:

a:1:{i:1;s:7:"Test's";}

It says it's 7 bytes long, when it's only 6. If I addslashes() to it, it does this:

a:1:{i:1;s:9:"Test\'s";}

It's now 7 but it says its 9.

Are there any workarounds for this?
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Sep 25 01:03:38 2021 UTC