|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23275 serialize(), $_SESSION, seg fault
Submitted: 2003-04-18 16:18 UTC Modified: 2003-06-30 18:49 UTC
Avg. Score:4.6 ± 0.7
Reproduced:5 of 5 (100.0%)
Same Version:2 (40.0%)
Same OS:2 (40.0%)
From: moxley at moxleydata dot com Assigned:
Status: No Feedback Package: Session related
PHP Version: 4.3.2-RC OS: Linux 4.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: moxley at moxleydata dot com
New email:
PHP Version: OS:


 [2003-04-18 16:18 UTC] moxley at moxleydata dot com
PHP apparently crashes under these contidions:
1. Use of serialize() on the $_SESSION variable
2. $_SESSION contains an object
3. object's class is not defined within the context of the serialize() call

Please contact me for gdb backtrace, php.ini, or other information if you cannot reproduce the problem with the script below.

Code that breaks:

	if( isset($_GET['serialize']) )
		$serialized = serialize($_SESSION); // Causes seg fault
		print "Did not crash";
		class Simple {}
		$_SESSION['simpleObj'] = new Simple();
		print '<a href="' . $_SERVER['PHP_SELF'] . '?serialize">serialize</a>';

Apache 1.3.27 error log:
[Fri Apr 18 14:04:05 2003] [notice] child pid 15705 exit signal Segmentation fault (11)
[Fri Apr 18 14:04:05 2003] [notice] child pid 15697 exit signal Segmentation fault (11)
[Fri Apr 18 14:04:05 2003] [notice] child pid 15693 exit signal Segmentation fault (11)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-04-21 10:03 UTC]
I get this with latest STABLE CVS:

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 136337046 bytes) in Unknown on line 0
 [2003-05-15 13:27 UTC]
Please try using this CVS snapshot:
For Windows:

And if it still crashes, add the backtrace here.

 [2003-05-20 19:50 UTC] moxley at moxleydata dot com
I've installed the release and the problem still exists. Addtionally, there is another problem with the new release, related to sessions, which I haven't had the time to investigate. Please give me more time to check out the new problem. Thanks
 [2003-06-26 12:35 UTC]
What's the status?

 [2003-06-30 14:08 UTC] moxley at moxleydata dot com
Sorry, I'm not going to have the time and the available server to test this. I have a work-around, which I will be using. Thanks.
 [2003-06-30 18:49 UTC]

PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Wed Sep 27 13:01:24 2023 UTC