Edit report at https://bugs.php.net/bug.php?id=62852&edit=1
ID: 62852 Updated by: larue...@php.net Reported by: kasper at webmasteren dot eu Summary: Unserialize Invalid Date causes crash -Status: Open +Status: Closed Type: Bug Package: Reproducible crash Operating System: windows, linux PHP Version: Irrelevant -Assigned To: +Assigned To: laruence Block user comment: N Private report: N New Comment: This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. For Windows: http://windows.php.net/snapshots/ Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2012-08-19 10:32:23] larue...@php.net Automatic comment on behalf of reeze....@gmail.com Revision: http://git.php.net/?p=php-src.git;a=commit;h=46a3f257724df7b85cc8c3e6374c36ed9ee783b4 Log: Fixed bug #62852 (Unserialize invalid DateTime causes crash) ------------------------------------------------------------------------ [2012-08-19 10:31:21] larue...@php.net Automatic comment on behalf of reeze....@gmail.com Revision: http://git.php.net/?p=php-src.git;a=commit;h=46a3f257724df7b85cc8c3e6374c36ed9ee783b4 Log: Fixed bug #62852 (Unserialize invalid DateTime causes crash) ------------------------------------------------------------------------ [2012-08-19 10:30:36] larue...@php.net Automatic comment on behalf of reeze....@gmail.com Revision: http://git.php.net/?p=php-src.git;a=commit;h=46a3f257724df7b85cc8c3e6374c36ed9ee783b4 Log: Fixed bug #62852 (Unserialize invalid DateTime causes crash) ------------------------------------------------------------------------ [2012-08-19 08:08:17] reeze dot xia at gmail dot com Hi, I'v sent pull request to fix this: https://github.com/php/php-src/pull/168 when unserialize it didn't check whether the date is valid. Thanks ------------------------------------------------------------------------ [2012-08-18 11:53:03] kasper at webmasteren dot eu Description: ------------ Core PHP,every version so far, 5.3.* and 5.4.* When unserializing this string : O:8:"DateTime":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";} created from: Datetime:createFromFormat("99-99-9999","j-n-Y"); then serialized, to a file. Later when read and working with, php crashes, from the parse_tz.c, in timelib_get_time_zone_info. the Exception is "read at offset 0x00000010". it would appear that ts and / or tz is zero. Test script: --------------- $temp = unserialize('O:8:"DateTime":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";}'); var_dump($temp); Expected result: ---------------- error parsing invalid date or just a date with all entries 0. Actual result: -------------- php crash [read offset 0x00000010] ~ null pointer + offset. at the file "ext\date\lib\parse_tz.c" ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=62852&edit=1
