|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #81163 indirect in __sleep
Submitted: 2021-06-18 05:10 UTC Modified: -
From: Assigned:
Status: Closed Package: Reproducible crash
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
New email:
PHP Version: OS:


 [2021-06-18 05:10 UTC]
indirect vars returned in properties for __sleep not handled correctly

Test script:
class foo
    private $private = 'private';

class bar extends foo
    public function __sleep()
        return (new bar());

var_dump(serialize(new bar()));

Expected result:
Warning: serialize(): "private" returned as member variable from __sleep() but does not exist in /opt/src/php-src/sec.php on line 15
string(14) "O:3:"bar":0:{}"

Actual result:
assert fail


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2021-06-18 05:14 UTC]
The following pull request has been associated:

Patch Name: Fix bug #81163 indirect vars in __sleep
On GitHub:
 [2021-06-18 09:23 UTC]
Automatic comment on behalf of krakjoe
Log: Fix bug #81163 __sleep allowed to return non-array
 [2021-06-18 09:23 UTC]
-Status: Open +Status: Closed
 [2021-06-18 17:12 UTC]
Automatic comment on behalf of krakjoe
Log: Fix bug #81163 indirect vars in __sleep
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Thu Feb 02 11:05:52 2023 UTC