bug53437.phpt

Derick Rethans Mon, 05 Dec 2011 22:08:48 -0800

derick                                   Tue, 06 Dec 2011 06:07:41 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=320479


Log:
- Added a test case for #53437.

Bug: https://bugs.php.net/53437 (Assigned) Crash when using unserialized 
DatePeriod instance
      
Changed paths:
    A   php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt
    A   php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt
    A   php/php-src/trunk/ext/date/tests/bug53437.phpt

Added: php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt                   
        (rev 0)
+++ php/php-src/branches/PHP_5_3/ext/date/tests/bug53437.phpt   2011-12-06 
06:07:41 UTC (rev 320479)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #53437: Crash when using unserialized DatePeriod instance
+--XFAIL--
+Bug #53437 Not fixed yet
+--FILE--
+<?php
+$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 
2);
+
+echo "Original:\r\n";
+foreach($dp as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+echo "\r\n";
+var_dump($dp);
+
+$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{}
+
+// Create dangerous instance
+$dpu = unserialize($ser); // $dpu has invalid values???
+var_dump($dpu);
+
+echo "Unserialized:\r\n";
+// ???which leads to CRASH:
+foreach($dpu as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+?>
+--EXPECT--

Added: php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt
===================================================================
--- php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt                   
        (rev 0)
+++ php/php-src/branches/PHP_5_4/ext/date/tests/bug53437.phpt   2011-12-06 
06:07:41 UTC (rev 320479)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #53437: Crash when using unserialized DatePeriod instance
+--XFAIL--
+Bug #53437 Not fixed yet
+--FILE--
+<?php
+$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 
2);
+
+echo "Original:\r\n";
+foreach($dp as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+echo "\r\n";
+var_dump($dp);
+
+$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{}
+
+// Create dangerous instance
+$dpu = unserialize($ser); // $dpu has invalid values???
+var_dump($dpu);
+
+echo "Unserialized:\r\n";
+// ???which leads to CRASH:
+foreach($dpu as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+?>
+--EXPECT--

Added: php/php-src/trunk/ext/date/tests/bug53437.phpt
===================================================================
--- php/php-src/trunk/ext/date/tests/bug53437.phpt                              
(rev 0)
+++ php/php-src/trunk/ext/date/tests/bug53437.phpt      2011-12-06 06:07:41 UTC 
(rev 320479)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #53437: Crash when using unserialized DatePeriod instance
+--XFAIL--
+Bug #53437 Not fixed yet
+--FILE--
+<?php
+$dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 
2);
+
+echo "Original:\r\n";
+foreach($dp as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+echo "\r\n";
+var_dump($dp);
+
+$ser = serialize($dp); // $ser is: O:10:"DatePeriod":0:{}
+
+// Create dangerous instance
+$dpu = unserialize($ser); // $dpu has invalid values???
+var_dump($dpu);
+
+echo "Unserialized:\r\n";
+// ???which leads to CRASH:
+foreach($dpu as $dt) {
+        echo $dt->format('Y-m-d H:i:s')."\r\n";
+}
+?>
+--EXPECT--

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/date/tests/bug53437.phpt branches/PHP_5_4/ext/date/tests/bug53437.phpt trunk/ext/date/tests/bug53437.phpt

Reply via email to