From: fel...@php.net Operating system: Linux PHP version: 5.3CVS-2009-06-24 (CVS) PHP Bug Type: Date/time related Bug description: DateInterval segfaults when unserialising
Description: ------------ See below: Reproduce code: --------------- $x = new dateinterval("P3Y6M4DT12H30M5S"); unserialize(serialize($x)); Expected result: ---------------- No SIGSEGV. Actual result: -------------- Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7b786c0 (LWP 29877)] 0x0806919f in date_object_get_properties_interval (object=0x8f35344, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/ext/date/php_date.c:2221 2221 PHP_DATE_INTERVAL_ADD_PROPERTY("y", y); (gdb) bt #0 0x0806919f in date_object_get_properties_interval (object=0x8f35344, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/ext/date/php_date.c:2221 #1 0x0834d127 in object_common2 (rval=0xbf906a94, p=0xbf906a78, max=0x8f35156 "", var_hash=0xbf906a70, tsrm_ls=0x8df3050, elements=8) at ext/standard/var_unserializer.re:369 #2 0x0834b4fe in php_var_unserialize (rval=0xbf906a94, p=0xbf906a78, max=0x8f35156 "", var_hash=0xbf906a70, tsrm_ls=0x8df3050) at ext/standard/var_unserializer.re:713 #3 0x08339617 in zif_unserialize (ht=1, return_value=0x8f35344, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/ext/standard/var.c:868 #4 0x08436a24 in zend_do_fcall_common_helper_SPEC (execute_data=0x8f62a94, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:313 #5 0x0843cb8b in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x8f62a94, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:1601 #6 0x084357eb in execute (op_array=0x8f33fc8, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:104 #7 0x083f4ef4 in zend_eval_stringl (str=0xbf9087d3 "$x = new dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));", str_len=70, retval_ptr=0x0, string_name=0x87a08b4 "Command line code", tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1159 #8 0x083f517b in zend_eval_stringl_ex (str=0xbf9087d3 "$x = new dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));", str_len=70, retval_ptr=0x0, string_name=0x87a08b4 "Command line code", handle_exceptions=1, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1200 #9 0x083f522f in zend_eval_string_ex (str=0xbf9087d3 "$x = new dateinterval(\"P3Y6M4DT12H30M5S\"); unserialize(serialize($x));", retval_ptr=0x0, string_name=0x87a08b4 "Command line code", handle_exceptions=1, tsrm_ls=0x8df3050) at /home/felipe/dev/php5/Zend/zend_execute_API.c:1211 #10 0x084e6ca2 in main (argc=3, argv=0xbf906f84) at /home/felipe/dev/php5/sapi/cli/php_cli.c:1227 -- Edit bug report at http://bugs.php.net/?id=48678&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=48678&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=48678&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=48678&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=48678&r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=48678&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=48678&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=48678&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=48678&r=needscript Try newer version: http://bugs.php.net/fix.php?id=48678&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=48678&r=support Expected behavior: http://bugs.php.net/fix.php?id=48678&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=48678&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=48678&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=48678&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=48678&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=48678&r=dst IIS Stability: http://bugs.php.net/fix.php?id=48678&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=48678&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=48678&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=48678&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=48678&r=mysqlcfg