php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #78472 Crash on unserializing large dataset
Submitted: 2019-08-28 14:54 UTC Modified: 2019-08-29 06:13 UTC
From: martin at tiogatours dot nl Assigned: nikic (profile)
Status: Closed Package: Reproducible crash
PHP Version: 7.4.0beta4 OS: Windows 10 x64
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: martin at tiogatours dot nl
New email:
PHP Version: OS:

 

 [2019-08-28 14:54 UTC] martin at tiogatours dot nl
Description:
------------
I got unexpected PHP crashes when unserializing a object. There is no recursiveness in the serialized object as the data is created from a JSON object.

However, when you disable the recursive ArrayObject creation, the script succeeds. Also, when creating a recursive stdClass(), the problem doesn't exist

Test script:
---------------
Error unserializing with ArrayObject:
https://3v4l.org/hbSRC

This succeeds with the stdClass:
https://3v4l.org/HNXR6

Expected result:
----------------
Valid unserializing


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-08-28 15:03 UTC] nikic@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: nikic
 [2019-08-28 15:03 UTC] nikic@php.net
We fixed a couple of serialization related bugs in 7.4 recently, and both of your  examples run fine on current 7.4 HEAD. So this will be resolved in the next release :)
 [2019-08-29 06:13 UTC] martin at tiogatours dot nl
Thanks! Keep up the good work!
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Wed Jul 02 10:01:38 2025 UTC