Bug #65724 [Opn->Nab]: unserialize doesn't always restore referenced objects

Fri, 04 Oct 2013 07:10:42 -0700 

Edit report at https://bugs.php.net/bug.php?id=65724&edit=1

 ID:                 65724
 Updated by:         m...@php.net
 Reported by:        niko dot sams at gmail dot com
 Summary:            unserialize doesn't always restore referenced
                     objects
-Status:             Open
+Status:             Not a bug
 Type:               Bug
 Package:            *General Issues
 Operating System:   Linux
 PHP Version:        5.5.4
 Block user comment: N
 Private report:     N

 New Comment:

We have a recursive context for Serializable, thus if you unserialize unrelated 
strings in the unserialize callback, you literally throw bricks into the stream.


Previous Comments:
------------------------------------------------------------------------
[2013-09-20 15:16:01] bixuehujin at gmail dot com

Had a test on commit 
@8f146c2(https://github.com/php/php-src/commit/8f146c2bb0dcba3307f08a839554be056e660f34),
 segfault occurred.

------------------------------------------------------------------------
[2013-09-20 12:34:47] niko dot sams at gmail dot com

Description:
------------
when doing another unserialize that creates objects in an 
Serializable::unserialize implementation things break, the 'parent' isn't 
unserialized correctly.

ok: PHP 5.3.3-7+squeeze14
ok: PHP 5.3.10-1ubuntu3.6
fail: PHP 5.4.4-14+deb7u2
fail: PHP 5.5.3

See phpt test script:
http://paste.kde.org/p83ce39d0/

Test script:
---------------
class Bar {}
class Foo implements Serializable {
    public $test;
    public function __construct($test) { $this->test = $test; }
    public function serialize()
    {
        return $this->test;
    }
    public function unserialize($serialized)
    {
        //the following line causes problems
        unserialize('O:3:"Bar":1:{s:4:"bar1";O:3:"Bar":0:{}}');
        $this->test = $serialized;
    }
}
$foo1 = new Foo('foo1');
$foo2 = new Foo('foo2');
$foo3 = new Foo('foo3');
$ar = array(
    array(
        'instance' => $foo1,
    ),
    array(
        'instance' => $foo2,
    ),
    array(
        'instance' => $foo3,
        'parent' => $foo2
    )
);
$ar = serialize($ar);
$ar = unserialize($ar);
print_r($ar);

Expected result:
----------------
[parent] => Foo Object ( [test] => foo2 ) )

Actual result:
--------------
[parent] => foo2


------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=65724&edit=1

Reply via email to