php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72390 Error in Serialize function
Submitted: 2016-06-12 14:37 UTC Modified: 2016-06-13 11:06 UTC
From: kanduganesh at gmail dot com Assigned: cmb (profile)
Status: Not a bug Package: *General Issues
PHP Version: 5.6.22 OS: Windows 32-bit
Private report: No CVE-ID: None
 [2016-06-12 14:37 UTC] kanduganesh at gmail dot com
Description:
------------
getting error or corrupt output of serialized string when i am serializing array


Test script:
---------------
<?php

echo "<pre>";
$ser = array(
	2206427175 => 'user'
	);

$ser = serialize($ser);
print_r(unserialize($ser));


Expected result:
----------------
Array
(
    [2206427175] => user
)

Actual result:
--------------
Array
(
    [-2088540121] => user
)


Patches

serialize_integer_key_size_problem (last revision 2016-06-12 14:42 UTC by kanduganesh at gmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-06-13 11:06 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Operating System: Windows +Operating System: Windows 32-bit -Assigned To: +Assigned To: cmb
 [2016-06-13 11:06 UTC] cmb@php.net
That's obviously an integer overflow on a 32-bit system (no issue
on 64-bit systems, see <https://3v4l.org/4SLi0>), and as such is
expected behavior, so this is not a bug.

Note that on 32-bit systems `var_dump(2206427175)` prints
`double(2206427175)`, and the documentation states[1] that "Floats
are also cast to integers, […]", so in your case the array has
already the negative key, so serialize() behaves correctly; to
verify do

    print_r(array(2206427175 => 'user'))

[1] <http://php.net/manual/en/language.types.array.php#example-99>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 13 05:01:28 2024 UTC