This is not a fail.
I think you misunderstand what serialize() does. The purpose is to
encapsulate the content of an object - be it a string, array or class -
and store it in a single string variable.
The PHP manual says this about serialize():
"Returns a string containing a byte-stream representation of value that
can be stored anywhere."
If you want to pass the serialised bytes around, then you need to either
URL-encode them, or store it as a binary string.
I am closing this as an invalid bug and removing the security team.
** Changed in: php5 (Ubuntu)
Status: New => Invalid
--
php5 serialize() function corrupt strings
https://bugs.launchpad.net/bugs/310845
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
