Bug #79880 Fatal error: Uncaught Error: Invalid serialization data for DateTime object
Submitted: 2020-07-21 22:10 UTC Modified: 2020-07-22 14:42 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: isharafa at unb dot ca Assigned:
Status: Open Package: Date/time related
PHP Version: 7.4.8 OS: Ubuntu
Private report: No CVE-ID: None
 [2020-07-21 22:10 UTC] isharafa at unb dot ca
Description:
------------
I was fuzzing PHP to find a bug in the unserialize function and I got the following bug:

Stack trace:
#0 [internal function]: DateTime->__wakeup()
#1 Command line code(1): unserialize('O:8:"DateTime":...')
#2 {main}
  thrown in Command line code on line 1

You can reproduce that using the following command.

echo -ne 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";s:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}' | ./sapi/cli/php  -r 'unserialize(file_get_contents("php://stdin"));'


Test script:
---------------
echo -ne 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";s:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}' | ./sapi/cli/php  -r 'unserialize(file_get_contents("php://stdin"));'


History

 [2020-07-21 23:39 UTC] requinix@php.net
-Status: Open
+Status: Feedback
-Package: *Programming Data Structures
+Package: Date/time related
 [2020-07-21 23:39 UTC] requinix@php.net
What's the bug? You're crafting a custom serialized string (which is already a bad thing) containing an invalid date string that DateTime would have rejected (so the object shouldn't even exist in the first place) and when you try to unserialize it you get an exception (as opposed to a crash).
 [2020-07-22 10:59 UTC] isharafa at unb dot ca
-Status: Feedback
+Status: Open
 [2020-07-22 10:59 UTC] isharafa at unb dot ca
Yes.
 [2020-07-22 12:26 UTC] cmb@php.net
-Status: Open
+Status: Not a bug
-Assigned To:
+Assigned To: cmb
 [2020-07-22 12:26 UTC] cmb@php.net
So this is obviously not a bug.
 [2020-07-22 14:16 UTC] isharafa at unb dot ca
When I modify the DateTime object, it just returns false, but with this specific test case I get the Fatal Error. That's why I reported this bug.
 [2020-07-22 14:34 UTC] cmb@php.net
-Status: Not a bug
+Status: Open
-Assigned To: cmb
+Assigned To:
 [2020-07-22 14:42 UTC] nikic@php.net
I still don't understand what the supposed bug here is. Unserialization throwing exceptions is completely normal. You get a fatal error because you did not catch the exception.
 [2020-08-06 10:08 UTC] igor dot ozerskii at currencysolutions dot com
I have a similar problem: when upgrading to 7.4.8 from 7.3.20, an error appeared.

[Error]
Invalid serialization data for DateTime object (0)
/home/bitrix/ext_www/htdocs/bitrix/modules/main/lib/data/cacheengineredis.php:366
#0: DateTime->__wakeup()

#1: Redis->get(string)
/home/bitrix/ext_www/htdocs/bitrix/modules/main/lib/data/cacheengineredis.php:366
#2: Bitrix\Main\Data\CacheEngineRedis->read(array, string, string, string, integer)


Environment: Docker

PHP - php:7.4-fpm-alpine and FROM php:7.3-fpm-alpine
Redis Extension - develop branch, and tried branch master (github.com/phpredis/phpredis/)
Redis server - 5.0.9


php:7.3 - works fine
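
Added example, not part of the thread and not code from PHP, phpredis or Bitrix: the point made above (unserialization can throw, and an uncaught throw becomes a fatal error) applied to a cache read like the one in the last comment, so that a rejected entry is treated as a cache miss. The helper name `cacheUnserialize` and the class allowlist are assumptions for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: decode a serialized cache payload and report any
 * failure as a miss instead of letting it end the request.
 */
function cacheUnserialize(string $raw, array $allowedClasses = [DateTime::class]): array
{
    // serialize(false) is a legitimate cached value, so handle it before
    // relying on unserialize()'s "false on failure" return value.
    if ($raw === serialize(false)) {
        return ['hit' => true, 'value' => false];
    }
    try {
        // allowed_classes limits which classes may be instantiated; any other
        // class in the payload becomes __PHP_Incomplete_Class. The @ silences
        // the E_NOTICE for malformed input; the false return is checked below.
        $value = @unserialize($raw, ['allowed_classes' => $allowedClasses]);
    } catch (Throwable $e) {
        // The report's title shows DateTime::__wakeup() raising \Error, which
        // "catch (Exception $e)" would not intercept; Throwable covers both.
        error_log('cache entry rejected: ' . $e->getMessage());
        return ['hit' => false, 'value' => null];
    }
    if ($value === false) {
        // Structurally malformed serialized data.
        return ['hit' => false, 'value' => null];
    }
    return ['hit' => true, 'value' => $value];
}

$samples = [
    // Payload copied from the report above (invalid "date" member).
    'report payload' => 'O:8:"DateTime":3:{s:4:"date";s:26:"2fe";01-one";s:10"Z.012345";'
        . 's:13:"timezone_type";i:2;s:8:"timezone";s:1:"Z";}',
    // Constructed sample: a DateTime serialized by PHP itself.
    'valid DateTime' => serialize(new DateTime('2020-07-21 22:10:00', new DateTimeZone('UTC'))),
    // Constructed sample: truncated data that unserialize() cannot parse.
    'truncated' => 'O:8:"DateTime":3:{s:4:"date"',
];

foreach ($samples as $label => $raw) {
    $result = cacheUnserialize($raw);
    printf("%-15s %s\n", $label, $result['hit'] ? 'hit' : 'miss');
}
```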
 
Last updated: Wed Oct 28 03:01:23 2020 UTC