Bug #29865 serialize produces invalid output
Submitted: 2004-08-27 13:37 UTC
Modified: 2005-10-01 12:13 UTC
Votes:11
Avg. Score:4.8 ± 0.4
Reproduced:9 of 10 (90.0%)
Same Version:3 (33.3%)
Same OS:3 (33.3%)
From: aidan@php.net
Assigned: derick
Status: Closed
Package: Strings related
PHP Version: 5CVS-2005-03-07
OS: *
Private report: No
CVE-ID: None
 [2004-08-27 13:37 UTC] aidan@php.net
Description:
------------
Using serialize() with a class produces invalid output.

Reproduce code:
---------------
I haven't had a chance to properly investigate why this particular code causes a problem, but Derick seemed on top of it already.

<?php
class cr {
   private $priv_member;
   function cr($val)
   {
       $this->priv_member = $val;
   }

   function comp_func_cr($a, $b)
   {
       if ($a->priv_member === $b->priv_member) return 0;
       return ($a->priv_member > $b->priv_member)? 1:-1;
   }
   
   function comp_func_key($a, $b)
   {
       if ($a === $b) return 0;
       return ($a > $b)? 1:-1;
   }
}
$a = array("0.1" => new cr(9), "0.5" => new cr(12), 0 => new cr(23), 1=> new cr(4), 2 => new cr(-15),);
$b = array("0.2" => new cr(9), "0.5" => new cr(22), 0 => new cr(3), 1=> new cr(4), 2 => new cr(-15),);

$result = array_udiff_uassoc($a, $b, array("cr", "comp_func_cr"), array("cr", "comp_func_key"));
$foo = serialize($result);
echo $foo;
?>

Actual result:
--------------
0000  61 3a 33 3a 7b 73 3a 33  3a 22 30 2e 31 22 3b 4f   a:3:{s:3 :"0.1";O
0010  3a 32 3a 22 63 72 22 3a  31 3a 7b 73 3a 31 35 3a   :2:"cr": 1:{s:15:
0020  22 00 63 72 00 70 72 69  76 5f 6d 65 6d 62 65 72   ".cr.pri v_member
0030  22 3b 69 3a 39 3b 7d 73  3a 33 3a 22 30 2e 35 22   ";i:9;}s :3:"0.5"
0040  3b 4f 3a 32 3a 22 63 72  22 3a 31 3a 7b 73 3a 31   ;O:2:"cr ":1:{s:1
0050  35 3a 22 00 63 72 00 70  72 69 76 5f 6d 65 6d 62   5:".cr.p riv_memb
0060  65 72 22 3b 69 3a 31 32  3b 7d 69 3a 30 3b 4f 3a   er";i:12 ;}i:0;O:
0070  32 3a 22 63 72 22 3a 31  3a 7b 73 3a 31 35 3a 22   2:"cr":1 :{s:15:"
0080  00 63 72 00 70 72 69 76  5f 6d 65 6d 62 65 72 22   .cr.priv _member"
0090  3b 69 3a 32 33 3b 7d 7d                            ;i:23;}}

As you can see from this hexdump, there are 0 bytes being produced. This should not happen.

 [2005-01-06 20:23 UTC] jhargis at gmail dot com
I have noticed similar.  

<?php
class User {
  protected $username = "name";
  public function getU(){
    return $this->username;
  }
}

$ob_User = New User();
$wUser = serialize($ob_User);
echo $wUser;
$wUser2 = unserialize($wUser); 
echo $wUser2->getU() . "<br>\n";
?>

Protected/private members appear to have the 0x00 bytes around the notation. For the time, I base64 the serialized string so I can store it in the DB without having to deal with it as a binary. Also, this may be related to why when using WDDX as the serialization handler it only picks up the last member var when you need to implement __sleep.
 [2005-01-22 13:57 UTC] aidan@php.net
This is still a problem in the latest head, simple test case:

$ ./php5_1 -r 'class Foo { protected $bar = 1; } $v = new Foo; echo serialize($v);' | hexdump

0000000 3a4f 3a33 4622 6f6f 3a22 3a31 737b 363a
0000010 223a 2a00 6200 7261 3b22 3a69 3b31 007d
000001f
 [2005-07-14 22:40 UTC] php dot net at sharpdreams dot com
Still busted in recent CVS, win32 & FreeBSD. Seems to work in 5.0.4. This ought to be fixed before the next b3, or at least prior to release of 5.1.
 [2005-09-30 19:17 UTC] jhargis at gmail dot com
Can confirm this as being corrected and working in 5.0.5 as well.
 [2005-10-01 12:13 UTC] aidan@php.net
Yep, no problem in head.
 [2010-12-01 00:53 UTC] sdo at inbox dot lv
Bug can still be reproduced in PHP 5.2 and 5.3

Example of running a simple test (originally submitted by aidan@php.net):

$ php -v
PHP 5.2.14 (cli) (built: Aug 12 2010 16:03:48)
$ php  -r 'class Foo { protected $bar = 1; } $v = new Foo; echo serialize($v);' | hexdump
0000000 3a4f 3a33 4622 6f6f 3a22 3a31 737b 363a
0000010 223a 2a00 6200 7261 3b22 3a69 3b31 007d
000001f
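
Added example (not part of the thread and not PHP's own code): a Python reader for the serialized bytes shown in the hexdumps above. It reads each s:N:"..." token by its declared length, showing that the lengths 15 and 6 count the 0x00 bytes, and compares a store that stops at the first 0x00 with the base64 workaround from the 2005-01-06 comment. The byte strings are transcribed from the page's dumps; `c_string_store` is a hypothetical model of a NUL-terminated text path, and all function names are this example's own.

```python
import base64
import re

# Transcribed from the page's hexdumps (152 and 31 bytes respectively).
_OBJ = b'O:2:"cr":1:{s:15:"\x00cr\x00priv_member";i:%d;}'
REPORT_DUMP = (b'a:3:{s:3:"0.1";' + _OBJ % 9 + b's:3:"0.5";' + _OBJ % 12
               + b'i:0;' + _OBJ % 23 + b'}')
PROTECTED_DUMP = b'O:3:"Foo":1:{s:6:"\x00*\x00bar";i:1;}'

STRING_HEADER = re.compile(rb's:(\d+):"')


def read_strings(blob):
    """Yield (declared_length, raw_bytes) for each s:N:"..." token.

    The payload is sliced by its declared length, not by searching for the
    closing quote, so embedded 0x00 bytes are carried through intact.
    """
    pos = 0
    while (m := STRING_HEADER.search(blob, pos)) is not None:
        n, start = int(m.group(1)), m.end()
        raw = blob[start:start + n]
        if len(raw) != n or blob[start + n:start + n + 2] != b'";':
            raise ValueError(f"length prefix mismatch at offset {m.start()}")
        yield n, raw
        pos = start + n + 2


def describe(raw):
    """Split a member name on 0x00 into (visibility, prefix, name)."""
    if raw.startswith(b"\x00") and raw.count(b"\x00") == 2:
        _, prefix, name = raw.split(b"\x00")
        kind = "protected" if prefix == b"*" else "private"
        return kind, prefix.decode(), name.decode()
    return "plain", "", raw.decode()


def c_string_store(blob):
    """Hypothetical text path that stops at the first 0x00 byte."""
    return blob.split(b"\x00", 1)[0]


def base64_store(blob):
    """Base64 round trip, the workaround from the 2005-01-06 comment."""
    return base64.b64decode(base64.b64encode(blob).decode("ascii"))


if __name__ == "__main__":
    for dump in (REPORT_DUMP, PROTECTED_DUMP):
        for n, raw in read_strings(dump):
            print(n, describe(raw))
        print(len(dump), len(c_string_store(dump)), base64_store(dump) == dump)
```

Any consumer that handles these strings as length-prefixed binary (a binary column, or base64 text as in the comment) keeps every byte; one that stops at 0x00 keeps only the prefix before the first member name.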