#45826 [NEW]: serialize causes segmentation fault

kevin dot armenat at googlemail dot com Thu, 14 Aug 2008 17:14:26 -0700

From:             kevin dot armenat at googlemail dot com
Operating system: Ubuntu Linux 8.04
PHP version:      5.3.0alpha1
PHP Bug Type:     Reproducible crash
Bug description:  serialize causes segmentation fault


Description:
------------
Serialize causes a segmentation fault if you try to serialize an object
("A") which contains an object ("B") which references to object "A".

Its still working with PHP 5.2.4, but it crashes with PHP 5.3.0alpha1.

Reproduce code:
---------------
class A {
        private $bList;
        public function __construct() {
                $this->bList = new ArrayObject();
        }
        public function addB(B $b) {
                $this->bList->append($b);
        }
}
class B {
        private $parentA;
        public function __construct(A $parentA) {
                $this->parentA = $parentA;
        }
}

$a = new A();
$b = new B($a);
$a->addB($b);
echo serialize($a);

Expected result:
----------------
The serialized Object of the class "A"

Actual result:
--------------
#0  0xb744b8a8 in _zend_mm_alloc_int (heap=0x81e0db8, size=20) at
/home/kevin/php-5.3.0alpha1/Zend/zend_alloc.c:1743
#1  0xb745c821 in zend_call_function (fci=0xbf15f148,
fci_cache=0xbf15f16c) at
/home/kevin/php-5.3.0alpha1/Zend/zend_execute_API.c:894
#2  0xb747b018 in zend_call_method (object_pp=0xbf15f200,
obj_ce=0x824bfc8, fn_proxy=0x824c0dc, function_name=0xb77311f0 "serialize",

    function_name_len=9, retval_ptr_ptr=0xbf15f1ec, param_count=0,
arg1=0x0, arg2=0x0)                                                
    at /home/kevin/php-5.3.0alpha1/Zend/zend_interfaces.c:89              
                                                           
#3  0xb747b26d in zend_user_serialize (object=0x82f1164,
buffer=0xbf15f28c, buf_len=0xbf15f278, data=0xbf15f570)                    
 
    at /home/kevin/php-5.3.0alpha1/Zend/zend_interfaces.c:414             
                                                           
#4  0xb73dc722 in php_var_serialize_intern (buf=0xbf15f5a8,
struc=0x82f1164, var_hash=0xbf15f570)                                     
    at /home/kevin/php-5.3.0alpha1/ext/standard/var.c:694                 
                                                           
#5  0xb73dc497 in php_var_serialize_intern (buf=0xbf15f5a8,
struc=0x82f0f88, var_hash=0xbf15f570)                                     
    at /home/kevin/php-5.3.0alpha1/ext/standard/var.c:795
#6  0xb73dc497 in php_var_serialize_intern (buf=0xbf15f5a8,
struc=0x82f1300, var_hash=0xbf15f570)
    at /home/kevin/php-5.3.0alpha1/ext/standard/var.c:795
#7  0xb73dc497 in php_var_serialize_intern (buf=0xbf15f5a8,
struc=0x82f128c, var_hash=0xbf15f570)
    at /home/kevin/php-5.3.0alpha1/ext/standard/var.c:795
#8  0xb73de049 in php_var_serialize (buf=0xbf15f5a8, struc=0x82f11e4,
var_hash=0xbf15f570)
    at /home/kevin/php-5.3.0alpha1/ext/standard/var.c:814
#9  0xb72f0838 in zim_spl_Array_serialize (ht=0, return_value=0x8568bbc,
return_value_ptr=0xbf15f79c, this_ptr=0x82f1164,
    return_value_used=1) at
/home/kevin/php-5.3.0alpha1/ext/spl/spl_array.c:1491
#10 0xb745c891 in zend_call_function (fci=0xbf15f6f8,
fci_cache=0xbf15f71c) at
/home/kevin/php-5.3.0alpha1/Zend/zend_execute_API.c:898
#11 0xb747b018 in zend_call_method (object_pp=0xbf15f7b0,
obj_ce=0x824bfc8, fn_proxy=0x824c0dc, function_name=0xb77311f0
"serialize",
    function_name_len=9, retval_ptr_ptr=0xbf15f79c, param_count=0,
arg1=0x0, arg2=0x0)
    at /home/kevin/php-5.3.0alpha1/Zend/zend_interfaces.c:89

[...]
endless repeated

-- 
Edit bug report at http://bugs.php.net/?id=45826&edit=1
-- 
Try a CVS snapshot (PHP 5.2): 
http://bugs.php.net/fix.php?id=45826&r=trysnapshot52
Try a CVS snapshot (PHP 5.3): 
http://bugs.php.net/fix.php?id=45826&r=trysnapshot53
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=45826&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=45826&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=45826&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=45826&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=45826&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=45826&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=45826&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=45826&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=45826&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=45826&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=45826&r=globals
PHP 4 support discontinued:   http://bugs.php.net/fix.php?id=45826&r=php4
Daylight Savings:             http://bugs.php.net/fix.php?id=45826&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=45826&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=45826&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=45826&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=45826&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=45826&r=mysqlcfg

#45826 [NEW]: serialize causes segmentation fault

Reply via email to