Edit report at https://bugs.php.net/bug.php?id=64206&edit=1
ID: 64206 Updated by: [email protected] Reported by: cameron dot junge at sella dot co dot nz Summary: Serialized object becomes r:2, which breaks unserialization Status: Verified Type: Bug Package: Scripting Engine problem Operating System: Ubuntu 12.10 PHP Version: 5.4.11 Assigned To: mike Block user comment: N Private report: N New Comment: oh, then I understand wrongly about your "deny" word, hehe Previous Comments: ------------------------------------------------------------------------ [2013-02-20 14:56:08] [email protected] What dynamic check? I guess a differentiated BG(serialize_lock)/BG(unserialize_lock) should do it. ------------------------------------------------------------------------ [2013-02-20 14:47:32] [email protected] I think deny unserialize in serialize is not a choice. it need a dynamic check and make no sense. reseting one need to be test with... ------------------------------------------------------------------------ [2013-02-20 10:42:39] [email protected] As the var_hash is kept between recursive serialize() calls, the serializer thinks the object is already serialized, but in fact, your hacky code replaces the previously serialized object. I see two options: - deny unserialize() in serialize() - reset the serialize var_hash on unserialize() (which may break other things) ------------------------------------------------------------------------ [2013-02-20 09:07:19] [email protected] After a quick look, I think the problem is rather the unserialize() call in the serialize() callback and vice-versa. ------------------------------------------------------------------------ [2013-02-20 03:33:16] [email protected] I tried to fix this by lock the serialize hash before calling ce->serialize, but it break #36424, result a stack overflow segfault. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=64206 -- Edit this bug report at https://bugs.php.net/bug.php?id=64206&edit=1
