Hey Stas, Stanislav Malyshev wrote:
Working on unserialize edge case patches backporting, I've discovered that object_properties_load() function crashes if the properties array contains non-string keys (which can happen on unserialize). Now, I can fix the crash, but I can fix it in two ways: 1. Ignore such keys (i.e. such properties will be banned, BC break against 5.x) 2. Treat such keys as in 5.x i.e. insert them in the hash. So, I wanted to know if dropping non-string keys there was intentional or not?
Sadly I can't tell you if it was intentional. If I were to hazard a guess, though, it sounds like an oversight on the part of the function author.
Both cases are rather undesirable. The optimum would be to throw an error of some sort if there's a non-string key, but that might break things.
Perhaps take option (2), inserting the keys into the hash (it seems to be the consistent thing to me), but show an E_NOTICE warning you this is happening?
I hope that's helpful. -- Andrea Faulds http://ajf.me/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
