derick Tue, 06 Dec 2011 06:07:41 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=320479
Log: - Added a test case for #53437. Bug: https://bugs.php.net/53437 (Assigned) Crash when using unserialized DatePeriod instance Changed paths: A php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt A php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt A php/php-src/trunk/ext/date/tests/bug53437.phpt Added: php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt (rev 0) +++ php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt 2011-12-06 06:07:41 UTC (rev 320479) @@ -0,0 +1,28 @@ +--TEST-- +Bug #53437: Crash when using unserialized DatePeriod instance +--XFAIL-- +Bug #53437 Not fixed yet +--FILE-- +<?php +$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); + +echo "Original:\r\n"; +foreach($dp as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +echo "\r\n"; +var_dump($dp); + +$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{} + +// Create dangerous instance +$dpu = unserialize($ser); // $dpu has invalid values??? +var_dump($dpu); + +echo "Unserialized:\r\n"; +// ???which leads to CRASH: +foreach($dpu as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +?> +--EXPECT-- Added: php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt =================================================================== --- php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt (rev 0) +++ php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt 2011-12-06 06:07:41 UTC (rev 320479) @@ -0,0 +1,28 @@ +--TEST-- +Bug #53437: Crash when using unserialized DatePeriod instance +--XFAIL-- +Bug #53437 Not fixed yet +--FILE-- +<?php +$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); + +echo "Original:\r\n"; +foreach($dp as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +echo "\r\n"; +var_dump($dp); + +$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{} + +// Create dangerous instance +$dpu = unserialize($ser); // $dpu has invalid values??? +var_dump($dpu); + +echo "Unserialized:\r\n"; +// ???which leads to CRASH: +foreach($dpu as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +?> +--EXPECT-- Added: php/php-src/trunk/ext/date/tests/bug53437.phpt =================================================================== --- php/php-src/trunk/ext/date/tests/bug53437.phpt (rev 0) +++ php/php-src/trunk/ext/date/tests/bug53437.phpt 2011-12-06 06:07:41 UTC (rev 320479) @@ -0,0 +1,28 @@ +--TEST-- +Bug #53437: Crash when using unserialized DatePeriod instance +--XFAIL-- +Bug #53437 Not fixed yet +--FILE-- +<?php +$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); + +echo "Original:\r\n"; +foreach($dp as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +echo "\r\n"; +var_dump($dp); + +$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{} + +// Create dangerous instance +$dpu = unserialize($ser); // $dpu has invalid values??? +var_dump($dpu); + +echo "Unserialized:\r\n"; +// ???which leads to CRASH: +foreach($dpu as $dt) { + echo $dt->format('Y-m-d H:i:s')."\r\n"; +} +?> +--EXPECT--
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php