From: [EMAIL PROTECTED]
Operating system: i686-pc-linux-gnu
PHP version: 4.0CVS-2001-11-16
PHP Bug Type: Variables related
Bug description: unserialize have problems with negative numbers

Hi,

I have detected two annoying bugs ;-) with serialize/unserialize. The first bug indicates that unserialize can't work with negative integer numbers. The second problem brings PHP to crash! Unserialize crashes if you manipulate the count of expected array vars.

Bug 1:

<?php
// Results: 'Warning: unserialize() failed at offset 13 of 39 bytes'
// and an empty result string, but not false
// because $foo['a'] is -1
error_reporting(2047);
$foo['a']=(int)-1;
$foo['b']=(string)'Paris';
$bar=serialize($foo);
if ($bar!=false){
    echo $bar;
    $nop=unserialize($bar);
    print_r($nop);
}
?>

---------------

Bug 2:

<?php
// Result: PHP crash, because the array number is smaller than serialized string
error_reporting(2047);
$ser_string='a:1:{s:1:"a";i:1000;s:1:"b";s:5:"Paris";}';
//             ^- actually 2
$unser_string=unserialize($ser_string);
?>

I have tried to make a bt, but gdb notifies no fault. In debug mode some of my scripts warn with this:

"Warning: String is not zero-terminated (source: ./zend_execute.c:449)"

but I think that is another problem.

--
Edit bug report at: http://bugs.php.net/?id=14082&edit=1
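
The two inputs from the report, run through a strict parser for the i/s/a subset of the serialize() format. This is an added Python example, not code from the report or from PHP itself. The names strict_unserialize and FormatError are assumptions, and BUG1 is a hand-constructed copy of what serialize() emits for the first script's array.

```python
# Added example (hypothetical names): strict parser for i/s/a serialized values.
class FormatError(ValueError):
    """Raised when the input does not match what its own header declares."""

def _expect(data, pos, token):
    if data[pos:pos + len(token)] != token:
        raise FormatError(f"expected {token!r} at offset {pos}")
    return pos + len(token)

def _read_int(data, pos, end, signed):
    stop = data.find(end, pos)
    text = data[pos:stop] if stop != -1 else b""
    digits = text[1:] if signed and text[:1] == b"-" else text
    if not digits.isdigit():
        raise FormatError(f"bad number at offset {pos}")
    return int(text), stop + len(end)

def _parse(data, pos):
    tag = data[pos:pos + 2]
    if tag == b"i:":  # integer values may be negative (Bug 1)
        return _read_int(data, pos + 2, b";", signed=True)
    if tag == b"s:":  # lengths may not be negative
        length, pos = _read_int(data, pos + 2, b":", signed=False)
        pos = _expect(data, pos, b'"')
        value = data[pos:pos + length]
        if len(value) != length:
            raise FormatError("declared string length runs past end of input")
        return value, _expect(data, pos + length, b'";')
    if tag == b"a:":
        count, pos = _read_int(data, pos + 2, b":", signed=False)
        pos = _expect(data, pos, b"{")
        result = {}
        for _ in range(count):
            key, pos = _parse(data, pos)
            if isinstance(key, dict):
                raise FormatError("array key must be scalar")
            result[key], pos = _parse(data, pos)
        # Count mismatch (Bug 2) surfaces here: an element sits where "}" must be.
        return result, _expect(data, pos, b"}")
    raise FormatError(f"unknown type tag at offset {pos}")

def strict_unserialize(data):
    value, pos = _parse(data, 0)
    if pos != len(data):
        raise FormatError(f"trailing data at offset {pos}")
    return value

BUG1 = b'a:2:{s:1:"a";i:-1;s:1:"b";s:5:"Paris";}'    # constructed by hand, 39 bytes
BUG2 = b'a:1:{s:1:"a";i:1000;s:1:"b";s:5:"Paris";}'  # copied from the report
```

strict_unserialize(BUG1) returns the two-element array with -1 intact, while strict_unserialize(BUG2) raises FormatError at offset 20, where the second key begins instead of the closing brace.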