Edit report at https://bugs.php.net/bug.php?id=53437&edit=1
ID: 53437 Updated by: tony2...@php.net Reported by: from dot php dot net at brainbox dot cz Summary: Crash when using unserialized DatePeriod instance Status: Assigned Type: Bug Package: Date/time related Operating System: Windows XP SP3 PHP Version: 5.3.3 Assigned To: derick Block user comment: N Private report: N New Comment: <@Cataphrac> (the Date(Period|Interval) serialization patch is here btw: http://nebm.ist.utl.pt/~glopes/misc/date_period_interval_ser.diff ) Previous Comments: ------------------------------------------------------------------------ [2011-12-06 06:07:24] der...@php.net Automatic comment from SVN on behalf of derick Revision: http://svn.php.net/viewvc/?view=revision&revision=320479 Log: - Added a test case for #53437. ------------------------------------------------------------------------ [2011-01-09 06:00:35] cataphr...@php.net Reassigning to Derick, as the patch I've written is under his consideration. ------------------------------------------------------------------------ [2010-12-01 21:50:03] fel...@php.net Duplicated of #52113 ------------------------------------------------------------------------ [2010-12-01 17:15:05] from dot php dot net at brainbox dot cz Description: ------------ DatePeriod class does not have the serialization/unserialization logic implemented. Therefore, when unserialized instance is used, script crashes. This is result of serializing the DatePeriod instance: O:10:"DatePeriod":0:{} unserialize() wents fine as well, but when I call foreach() on unserialized instance, the script crashes. Test script: --------------- $dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); echo "Original:\r\n"; foreach($dp as $dt) { echo $dt->format('Y-m-d H:i:s')."\r\n"; } echo "\r\n"; $ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{} // Create dangerous instance $dpu = unserialize($ser); // $dpu has invalid values⦠echo "Unserialized:\r\n"; // â¦which leads to CRASH: foreach($dpu as $dt) { echo $dt->format('Y-m-d H:i:s')."\r\n"; } Expected result: ---------------- Original: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Unserialized: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Actual result: -------------- PHP crashes on the "unserialize" line. ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=53437&edit=1
