|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2006-06-02 03:28 UTC] daniel dot oconnor at gmail dot com
Description:
------------
Serialize does not appear to be serializing fully or safely.
Reproduce code:
---------------
<?php
class BugFeed {
protected $cache;
public function __construct($options) {
if (isset($options["cache"])) {
$this->cache = $options["cache"];
}
}
public function fetch() {}
public static function render($type = "edit") {}
}
$stuff = array(new BugFeed(array()));
print serialize($stuff);
Expected result:
----------------
a serialized string of my BugFeed object, or if it was unable to properly serialize it, an exception or warning.
Actual result:
--------------
a:1:{i:0;O:7:"BugFeed":1:{s:8:"
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Nov 04 19:00:02 2025 UTC |
Sorry, I can't try it on the CVS copy. To amend the bug report: <?php class BugFeed { protected $cache; public function __construct($options) { if (isset($options["cache"])) { $this->cache = $options["cache"]; } } public function fetch() {} public static function render($type = "edit") {} } $stuff = array(new BugFeed(array())); $cereal = serialize($stuff); $stuff2 = unserialize($cereal); $stuff3 = unserialize((string)$cereal); var_dump($stuff2 == $stuff); var_dump($stuff3 == $stuff); var_dump(strlen($cereal)); print $cereal . "\n"; print (string)$cereal; print "hello world?"; ---- Produces: bool(true) bool(true) int(45) a:1:{i:0;O:7:"BugFeed":1:{s:8:" --- That is to say: there's an unexpected EOF character output in the serialized code.