Edit report at https://bugs.php.net/bug.php?id=42196&edit=1
ID: 42196
Updated by: yohg...@php.net
Reported by: joungkyun at gmail dot com
Summary: unserialize artichecture problem
-Status: Open
+Status: Closed
Type: Feature/Change Request
-Package: Feature/Change Request
+Package: *General Issues
Operating System: Linux
PHP Version: 5CVS-2007-08-03 (CVS)
-Assigned To:
+Assigned To: yohgaki
Block user comment: N
Private report: N
New Comment:
Already implemented at least 5.4
Previous Comments:
------------------------------------------------------------------------
[2007-08-04 16:42:10] joungkyun at gmail dot com
I thinks that php has auto casting type. So, on 32bit systems php get 64bit
interger, first convert casting type to double.
sorry for my pool english.
------------------------------------------------------------------------
[2007-08-04 14:08:04] j...@php.net
First of all, exactly why do you pass data like this between machines?
Secondly: OF course you can't pass huge integers to 32bit system. So
this is expected behaviour. What do you suggest happens in this case?
Try this on 32bit system:
echo (int) 4294967297;
------------------------------------------------------------------------
[2007-08-03 09:51:46] joungkyun at gmail dot com
Description:
------------
There is serialized data that made with 64bit integer on 64 bit system.
On 32bit machine, if unserialize this data, you have result of integer overflow.
Reproduce code:
---------------
On, 64bit system
echo serialize (4294967296 + 1);
=> result : "i:4294967297;"
On, 32bit system
echo unserilaize ("i:4294967297;");
=> result : 1
Expected result:
----------------
On, 32bit system
echo unserilaize ("i:4294967297;");
=> result : 4294967297
Actual result:
--------------
On, 32bit system
echo unserilaize ("i:4294967297;");
=> result : 1
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=42196&edit=1
