From:             AxelLuttgens at swing dot be
Operating system: Mac OS 10.3.4
PHP version:      4.3.8
PHP Bug Type:     Reproducible crash
Bug description:  Unserialize() really doesn't like some input strings...

Description:
------------
It took me a long time to locate the source of seemingly random crashes I
was experiencing these days.

But I now believe I have found a very clean example of crashing code on
my system.
Of course, my real code handles more interesting strings than the one used
in the example ;-)

This could help to explain some other bug reports related to
unserialize(), but that remained rather elusive or without a clear
conclusion.

Could also be related to another note of mine (Bug #26078).

HTH,
Axel

Reproduce code:
---------------
<?php
        $str = chr(236);
        print_r(unserialize($str));
?>



Expected result:
----------------
According to the docs, I would have expected unserialize() to return
FALSE, as the input string clearly doesn't result from a prior
serialize().

Actual result:
--------------
Here follows an excerpt of the resulting crash log:

        Date/Time:      2004-07-26 17:56:11 +0200
        OS Version:     10.3.4 (Build 7H63)
        Report Version: 2
        
        Command: httpd
        Path:    /usr/sbin/httpd
        PID:     1237
        Thread:  0
        
        Exception:  EXC_BAD_ACCESS (0x0001)
        Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000002
        
        Thread 0 Crashed:
        0   libphp4.so  0x020eccc8 php_var_unserialize + 0x180 (var_unserializer.c:320)
        1   libphp4.so  0x020e5418 zif_unserialize + 0xa4 (var.c:681)
        2   libphp4.so  0x0214bc68 execute + 0x1b58 (zend_execute.c:1635)
        3   libphp4.so  0x0213db34 zend_execute_scripts + 0xd8 (zend.c:892)
        4   libphp4.so  0x02113064 php_execute_script + 0x258 (main.c:1736)
        5   libphp4.so  0x0214f958 apache_php_module_main + 0xb8 (sapi_apache.c:59)
        6   libphp4.so  0x02150618 send_php + 0x294 (mod_php4.c:623)
        7   httpd       0x0000d05c ap_invoke_handler + 0xe8
        [...]



-- 
Edit bug report at http://bugs.php.net/?id=29399&edit=1
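
The following regression sweep is an added example, not part of the original report or of PHP's own test suite. It generalizes the reporter's single input, chr(236), to all 256 one-byte strings and runs each in a child process so a crash in one does not end the sweep. The function names are hypothetical, and it assumes a PHP CLI that defines PHP_BINARY (PHP 5.4 or later) with exec() enabled.

```php
<?php
// Added example: check that unserialize() returns FALSE, without crashing,
// for every one-byte input. A one-byte string is never valid serialized data.

/** Run unserialize() on one byte in a child PHP process; return a status. */
function probe_byte($byte)
{
    // The child prints 1 only if unserialize() returned exactly FALSE.
    // No quotes in the snippet, so shell quoting stays simple.
    $child = 'echo @unserialize(chr(' . (int) $byte . ')) === false ? 1 : 0;';
    $cmd = escapeshellarg(PHP_BINARY) . ' -r ' . escapeshellarg($child) . ' 2>&1';
    $out = array();
    $exit = 0;
    exec($cmd, $out, $exit);
    if ($exit !== 0) {
        // Non-zero exit: the child died (for example, killed by a signal).
        return 'crash (exit status ' . $exit . ')';
    }
    return trim(implode("\n", $out)) === '1' ? 'ok' : 'did not return FALSE';
}

/** Return array(byte => status) for every byte that misbehaved. */
function sweep_single_bytes()
{
    $failures = array();
    for ($b = 0; $b <= 255; $b++) {
        $status = probe_byte($b);
        if ($status !== 'ok') {
            $failures[$b] = $status;
        }
    }
    return $failures;
}

$failures = sweep_single_bytes();
foreach ($failures as $b => $status) {
    printf("chr(%d) / 0x%02x: %s\n", $b, $b, $status);
}
echo count($failures) === 0
    ? "all 256 one-byte inputs returned FALSE\n"
    : count($failures) . " input(s) misbehaved\n";
exit(count($failures) === 0 ? 0 : 1);
```

Run it from the command line with the PHP build under test; the exit status is 0 only when every input behaved as the documentation describes.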