ID: 47244
Updated by: [email protected]
Reported By: nir at winpdb dot org
-Status: Open
+Status: Bogus
Bug Type: *General Issues
Operating System: Ubuntu Intrepid
PHP Version: 5.2.8
New Comment:
It works fine in CVS, its possible that the \r char when output is
causing formatting error that hides other chars.
Previous Comments:
------------------------------------------------------------------------
[2009-01-29 20:32:57] nir at winpdb dot org
Description:
------------
Isn't this a bug?
php > print serialize("hi\rho");
ho";"hi
php > print unserialize(serialize("hi\rho"));
ho
I stumbled on this while working on a Drupal system. Can this possibly
have security consequences as well? if a \r on a web form breaks the
internal data structures of a system?
Am I missing anything?
PS: I am actually using PHP 5.2.6 on Ubuntu Intrepid.
Cheers,
Nir
Reproduce code:
---------------
print serialize("hi\rho");
Expected result:
----------------
s:5:"hi
ho";
Actual result:
--------------
ho";"hi
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=47244&edit=1
