PHP :: Bug #6348 :: serializing objects which use __sleep() can cripple the serialized return

Bug #6348	serializing objects which use __sleep() can cripple the serialized return
Submitted:	2000-08-25 06:12 UTC	Modified:	2000-12-11 07:59 UTC
From:	bachi at insign dot ch	Assigned:
Status:	Closed	Package:	Class/Object related
PHP Version:	4.0.1pl2	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2000-08-25 06:12 UTC] bachi at insign dot ch

If you serialize an object that uses __sleep() to define which properties should be serialized, the serialized code will be crippled if a class property is defined (and returned by __sleep() to be serialized), but not yet used in the object.

The serialized code includes then the property name, but with no value, so that the structure is crippled and it is not possible to unserialize() it.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-12-11 06:15 UTC] stas@php.net

Does it still happen in latest version? If so, please
provide short reproducing script for this behaviour.

[2000-12-11 07:59 UTC] thies@php.net

fixed in CVS & upcoming 4.0.4

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 23:01:28 2024 UTC