php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68319 base64 encode / serialize objects
Submitted: 2014-10-28 14:41 UTC Modified: 2017-01-01 20:49 UTC
From: ljsteadman at gmail dot com Assigned: leigh (profile)
Status: Duplicate Package: Class/Object related
PHP Version: master-Git-2014-10-28 (Git) OS: CentOS release 6.5
Private report: No CVE-ID: None
 [2014-10-28 14:41 UTC] ljsteadman at gmail dot com
Description:
------------
unserializing a base64 encoded string, which contains an object, causes property issues if the defined class changes property visibility.

Test script:
---------------
http://3v4l.org/mnHXp

Expected result:
----------------
The defined class should take precedence over the serialized object. If the class definitions mismatch, throw a warning.

Actual result:
--------------
Two properties end up on the object, both the same name, but with different visibility. 

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-10-28 16:37 UTC] leigh@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: leigh
 [2017-01-01 20:49 UTC] nikic@php.net
-Status: Verified +Status: Duplicate
 [2017-01-01 20:49 UTC] nikic@php.net
This is a duplicate of bug #49649.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 14:01:29 2024 UTC