php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68319 base64 encode / serialize objects
Submitted: 2014-10-28 14:41 UTC Modified: 2017-01-01 20:49 UTC
From: ljsteadman at gmail dot com Assigned: leigh (profile)
Status: Duplicate Package: Class/Object related
PHP Version: master-Git-2014-10-28 (Git) OS: CentOS release 6.5
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ljsteadman at gmail dot com
New email:
PHP Version: OS:

 

 [2014-10-28 14:41 UTC] ljsteadman at gmail dot com
Description:
------------
unserializing a base64 encoded string, which contains an object, causes property issues if the defined class changes property visibility.

Test script:
---------------
http://3v4l.org/mnHXp

Expected result:
----------------
The defined class should take precedence over the serialized object. If the class definitions mismatch, throw a warning.

Actual result:
--------------
Two properties end up on the object, both the same name, but with different visibility. 

Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-10-28 16:37 UTC] leigh@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: leigh
 [2017-01-01 20:49 UTC] nikic@php.net
-Status: Verified +Status: Duplicate
 [2017-01-01 20:49 UTC] nikic@php.net
This is a duplicate of bug #49649.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Wed Dec 08 03:03:34 2021 UTC