#19493 [NEW]: Error in older versions of serializer results in error of currend deserializer

matthias . boldt Thu, 19 Sep 2002 02:09:56 -0700

From:             [EMAIL PROTECTED]
Operating system: Linux 2.4.18
PHP version:      4.2.3
PHP Bug Type:     *Programming Data Structures
Bug description:  Error in older versions of serializer results in error of currend 
deserializer


There was an error in older versions (4.1.0) of the serializer code (it's
possible the error is in the current code, too): some times, the
element-count for objects was to hight. 

The old deserializer-code seams to ignore this problem. The new code has
problems with that issue. We have many huge databases with serialized
structures at some points. Thats why, we must use the old data :-(

I've fixed the problem with a little change in
ext/standard/var_unserializer.re, function process_nested_data :


static inline int process_nested_data(UNSERIALIZE_PARAMETER, HashTable
*ht, int elements)
{
        while (elements-- > 0) {
                zval *key, *data;

                ALLOC_INIT_ZVAL(key);

                if (!php_var_unserialize(&key, p, max, NULL TSRMLS_CC)) {
                        zval_dtor(key);
                        FREE_ZVAL(key);
                } else {
                        ALLOC_INIT_ZVAL(data);

                        if (!php_var_unserialize(&data, p, max, var_hash TSRMLS_CC)) {
                                zval_dtor(key);
                                FREE_ZVAL(key);
                                zval_dtor(data);
                                FREE_ZVAL(data);
                        } else {
                                switch (Z_TYPE_P(key)) {
                                        case IS_LONG:
                                                zend_hash_index_update(ht, 
Z_LVAL_P(key), &data, sizeof(data),
NULL);
                                                break;
                                        case IS_STRING:
                                                zend_hash_update(ht, Z_STRVAL_P(key), 
Z_STRLEN_P(key) + 1, &data,
sizeof(data), NULL);
                                                break;

                                }
                
                                zval_dtor(key);
                                FREE_ZVAL(key);
                        }
                }
        }

        return 1;
}

Now, it doesn't have a problem with to hight element counters. It would be
great, if the developer of the new deserializer-code could look at this
change and eventually
integrate it into the CVS-tree.

Greetings from Berlin,
   Matthias

-- 
Edit bug report at http://bugs.php.net/?id=19493&edit=1
-- 
Try a CVS snapshot:  http://bugs.php.net/fix.php?id=19493&r=trysnapshot
Fixed in CVS:        http://bugs.php.net/fix.php?id=19493&r=fixedcvs
Fixed in release:    http://bugs.php.net/fix.php?id=19493&r=alreadyfixed
Need backtrace:      http://bugs.php.net/fix.php?id=19493&r=needtrace
Try newer version:   http://bugs.php.net/fix.php?id=19493&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=19493&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=19493&r=notwrong
Not enough info:     http://bugs.php.net/fix.php?id=19493&r=notenoughinfo
Submitted twice:     http://bugs.php.net/fix.php?id=19493&r=submittedtwice
register_globals:    http://bugs.php.net/fix.php?id=19493&r=globals

#19493 [NEW]: Error in older versions of serializer results in error of currend deserializer

Reply via email to