Bug #79880 Fatal error: Uncaught Error: Invalid serialization data for DateTime object
Submitted: 2020-07-21 22:10 UTC Modified: 2020-07-22 14:42 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: isharafa at unb dot ca Assigned:
Status: Open Package: Date/time related
PHP Version: 7.4.8 OS: Ubuntu
Private report: No CVE-ID: None

 [2020-07-21 22:10 UTC] isharafa at unb dot ca
Description:
------------
I was fuzzing PHP to find a bug in the unserialize function and I got the following bug:

Stack trace:
#0 [internal function]: DateTime->__wakeup()
#1 Command line code(1): unserialize('O:8:"DateTime":...')
#2 {main}
  thrown in Command line code on line 1

You can reproduce that using the following command.

echo -ne 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";s:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}' | ./sapi/cli/php  -r 'unserialize(file_get_contents("php://stdin"));'


Test script:
---------------
echo -ne 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";s:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}' | ./sapi/cli/php  -r 'unserialize(file_get_contents("php://stdin"));'


 [2020-07-21 23:39 UTC] requinix@php.net
-Status: Open +Status: Feedback -Package: *Programming Data Structures +Package: Date/time related
 [2020-07-21 23:39 UTC] requinix@php.net
What's the bug? You're crafting a custom serialized string (which is already a bad thing) containing an invalid date string that DateTime would have rejected (so the object shouldn't even exist in the first place) and when you try to unserialize it you get an exception (as opposed to a crash).
 [2020-07-22 10:59 UTC] isharafa at unb dot ca
-Status: Feedback +Status: Open
 [2020-07-22 10:59 UTC] isharafa at unb dot ca
Yes.
 [2020-07-22 12:26 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2020-07-22 12:26 UTC] cmb@php.net
So this is obviously not a bug.
 [2020-07-22 14:16 UTC] isharafa at unb dot ca
When I modify the DateTime object, it just returns false, but with this specific test case I get the Fatal Error. That's why I reported this bug.
 [2020-07-22 14:34 UTC] cmb@php.net
-Status: Not a bug +Status: Open -Assigned To: cmb +Assigned To:
 [2020-07-22 14:42 UTC] nikic@php.net
I still don't understand what the supposed bug here is. Unserialization throwing exceptions is completely normal. You get a fatal error because you did not catch the exception.
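The behaviour discussed above, as an added example that is not part of the bug thread or of PHP's own code: the failure surfaces as an `\Error` thrown from `DateTime::__wakeup()`, so it has to be caught as `\Throwable`, and `allowed_classes` keeps `__wakeup()` from running at all for classes that are not expected. The helper name `safe_unserialize()` is hypothetical; the payload is the one from the report.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not from the thread): unserialize data that may be
 * corrupt or attacker-controlled without letting a failure become fatal.
 */
function safe_unserialize(string $data, array $allowedClasses = [])
{
    // Only the listed classes are instantiated; anything else becomes
    // __PHP_Incomplete_Class and its __wakeup()/__destruct() never run.
    $options = ['allowed_classes' => $allowedClasses];

    try {
        // Malformed syntax yields false plus an E_NOTICE, suppressed here
        // because the failure is reported through the exception below.
        $value = @unserialize($data, $options);
    } catch (\Throwable $e) {
        // DateTime::__wakeup() throws \Error, which is not an \Exception,
        // so catch (\Exception $e) would miss it.
        throw new \UnexpectedValueException(
            'Rejected serialized data: ' . $e->getMessage(), 0, $e
        );
    }

    // false is ambiguous: parse failure, or a legitimately serialized false.
    if ($value === false && $data !== 'b:0;') {
        throw new \UnexpectedValueException('Malformed serialized data');
    }
    return $value;
}

// Payload copied from the report above.
$payload = 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";'
         . 's:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}';

// First pass allows DateTime, second pass allows no classes at all.
foreach ([[\DateTime::class], []] as $allowed) {
    try {
        $value = safe_unserialize($payload, $allowed);
        echo get_class($value), PHP_EOL;
    } catch (\UnexpectedValueException $e) {
        echo $e->getMessage(), PHP_EOL;
    }
}
```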
 [2020-08-06 10:08 UTC] igor dot ozerskii at currencysolutions dot com
I have a similar problem: when upgrading to 7.4.8 from 7.3.20, an error appeared.

[Error]
Invalid serialization data for DateTime object (0)
/home/bitrix/ext_www/htdocs/bitrix/modules/main/lib/data/cacheengineredis.php:366
#0: DateTime->__wakeup()

#1: Redis->get(string)
/home/bitrix/ext_www/htdocs/bitrix/modules/main/lib/data/cacheengineredis.php:366
#2: Bitrix\Main\Data\CacheEngineRedis->read(array, string, string, string, integer)


Environment: Docker

PHP - php:7.4-fpm-alpine and FROM php:7.3-fpm-alpine
Redis Extension - develop branch and tried branch master (github.com/phpredis/phpredis/)
Redis server - 5.0.9


php:7.3 - works fine
 
Last updated: Thu Oct 29 08:01:25 2020 UTC