Edit report at https://bugs.php.net/bug.php?id=62852&edit=1
ID: 62852 Comment by: reeze dot xia at gmail dot com Reported by: kasper at webmasteren dot eu Summary: Unserialize Invalid Date causes crash Status: Open Type: Bug Package: Reproducible crash Operating System: windows, linux PHP Version: Irrelevant Block user comment: N Private report: N New Comment: Hi, I'v sent pull request to fix this: https://github.com/php/php-src/pull/168 when unserialize it didn't check whether the date is valid. Thanks Previous Comments: ------------------------------------------------------------------------ [2012-08-18 11:53:03] kasper at webmasteren dot eu Description: ------------ Core PHP,every version so far, 5.3.* and 5.4.* When unserializing this string : O:8:"DateTime":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";} created from: Datetime:createFromFormat("99-99-9999","j-n-Y"); then serialized, to a file. Later when read and working with, php crashes, from the parse_tz.c, in timelib_get_time_zone_info. the Exception is "read at offset 0x00000010". it would appear that ts and / or tz is zero. Test script: --------------- $temp = unserialize('O:8:"DateTime":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";}'); var_dump($temp); Expected result: ---------------- error parsing invalid date or just a date with all entries 0. Actual result: -------------- php crash [read offset 0x00000010] ~ null pointer + offset. at the file "ext\date\lib\parse_tz.c" ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=62852&edit=1
