Hello alberty,

This is working correctly for me with 4.0.5 and php-4.1.0RC2 (CGI)

anc> I have detected two annoying bugs ;-) with serialize/unserialize.

anc> The first bug indicates that unserialize can't work with negative
anc> integer numbers.

anc> The second problem causes PHP to crash! Unserialize
anc> crashes if you manipulate the count of expected array
anc> vars.

anc> Bug 1:

anc> <?php
anc> // Results: 'Warning: unserialize() failed at offset 13 of 39 bytes'
anc> //          and an empty result string, but not false 
anc> // because $foo['a'] is -1

anc> error_reporting(2047);
anc> $foo['a']=(int)-1;
anc> $foo['b']=(string)'Paris';
anc> $bar=serialize($foo);
anc> if ($bar!=false){
anc>         echo $bar;
anc>         $nop=unserialize($bar);
anc>         print_r($nop);
anc> }
anc> ?>


anc> ---------------

anc> Bug 2:

anc> <?php
anc> // Result: PHP crash, because the array number is smaller than serialized string

anc> error_reporting(2047);
anc> $ser_string='a:1:{s:1:"a";i:1000;s:1:"b";s:5:"Paris";}';
anc> //             ^- actually 2
anc> $unser_string=unserialize($ser_string);
anc> ?>

anc> I have tried to make a bt, but gdb notifies no fault.
anc> In debug mode some of my scripts warn with this:
anc> "Warning: String is not zero-terminated (source: ./zend_execute.c:449)"
anc> but I think that is another problem.




Best regards,
 Andrew Sitnikov                         
 e-mail : [EMAIL PROTECTED]
 GSM    : (+372) 56491109
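
A structural check for the count mismatch in Bug 2, as an added example that is not part of the original thread or of PHP's own parser. The hypothetical functions walkValue() and checkSerialized() handle only null, booleans, integers, strings and arrays (an assumption) and reject a serialized string whose declared array count differs from the key/value pairs actually present.

```php
<?php
// Added example: hypothetical helpers, not PHP's own unserialize() code.
// Returns the offset just past the value starting at $p, or false if malformed.
function walkValue(string $s, int $p)
{
    // N;  b:0;  i:-1;   (integers may be negative, as in Bug 1)
    if (preg_match('/\G(?:N;|b:[01];|i:-?\d{1,18};)/', $s, $m, 0, $p)) {
        return $p + strlen($m[0]);
    }
    // s:<len>:"<bytes>";   the declared length must match the bytes present
    if (preg_match('/\Gs:(\d{1,9}):"/', $s, $m, 0, $p)) {
        $end = $p + strlen($m[0]) + (int)$m[1];
        return substr($s, $end, 2) === '";' ? $end + 2 : false;
    }
    // a:<count>:{ key value ... }   must hold exactly <count> pairs
    if (preg_match('/\Ga:(\d{1,9}):\{/', $s, $m, 0, $p)) {
        $p += strlen($m[0]);
        for ($i = 0; $i < (int)$m[1]; $i++) {
            $c = $s[$p] ?? '';
            if ($c !== 'i' && $c !== 's') {
                return false;               // keys are integers or strings only
            }
            $p = walkValue($s, $p);         // key
            if ($p === false) {
                return false;
            }
            $p = walkValue($s, $p);         // value
            if ($p === false) {
                return false;
            }
        }
        // Anything other than the closing brace here means the declared
        // count is smaller than the number of pairs in the string (Bug 2).
        return ($s[$p] ?? '') === '}' ? $p + 1 : false;
    }
    return false;                           // type not covered by this sketch
}

// True only if the whole string is one well-formed value with consistent counts.
function checkSerialized(string $s): bool
{
    return walkValue($s, 0) === strlen($s);
}

// Bug 1 data: negative integer, declared count matches the two pairs.
var_dump(checkSerialized('a:2:{s:1:"a";i:-1;s:1:"b";s:5:"Paris";}'));
// Bug 2 string from the report: declares 1 pair but contains 2.
var_dump(checkSerialized('a:1:{s:1:"a";i:1000;s:1:"b";s:5:"Paris";}'));
```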

