ID: 15220
Updated by: derick
Reported By: [EMAIL PROTECTED]
Old Status: Feedback
Status: Bogus
Bug Type: Unknown/Other Function
Operating System: Linux
PHP Version: 4.1.1
New Comment:
oh! oh! oh! :)
Bogusifying then...
Derick
Previous Comments:
------------------------------------------------------------------------
[2002-02-01 07:55:07] [EMAIL PROTECTED]
So sorry, the bug was in my db settings.
Sorry I wasted your time !
------------------------------------------------------------------------
[2002-01-25 15:21:14] [EMAIL PROTECTED]
I ran the two following scripts, to generate 100MB of random data, and
pass it through serialize/unserialize. diff told me both output files
were exactly the same.
<?php
$max = 1024*1024*100;
$f = fopen("./rnd-data", "w");
for($i=0; $i<$max; $i++) {
fputs($f, chr(rand(0,255)));
}
fclose($f);
?>
<?php
$f = fopen('./rnd-data', 'r');
$data = fread($f, 1024*1024*100+1);
fclose($f);
$f = fopen('./rnd-output', 'w');
fputs($f, unserialize(serialize($data)));
fclose($f);
?>
Are you sure the data gets stored and retrieved correctly?
(btw tested with 4.1.1 on Debian (Sid) Linux)
------------------------------------------------------------------------
[2002-01-25 12:47:28] [EMAIL PROTECTED]
I use this script :
<?
require($_SERVER["DOCUMENT_ROOT"]."/lib/db.phtml");
function error_control ($errno, $errstr, $errfile, $errline) {
$errortype = array (
1 => "Error",
2 => "Warning",
4 => "Parsing Error",
8 => "Notice",
16 => "Core Error",
32 => "Core Warning",
64 => "Compile Error",
128 => "Compile Warning",
256 => "User Error",
512 => "User Warning",
1024 => "User Notice"
);
//
print("<BR>".$errortype[intval($errno)]." : ".$errstr."<BR>File :
".$errfile."<BR>Line : ".$errline);
}
error_reporting(E_ALL);
$error_handler = set_error_handler("error_control");
print("<TABLE BORDER=\"1\">\n");
$SQL = "SELECT id, error_data FROM unserialize";
$RS = mysql_query($SQL, db_conn);
while ($RSarray = mysql_fetch_row($RS)) {
unserialize($RSarray[1]);
print("<TR>");
print("<TD>".$RSarray[0]."</TD>");
print("<TD>".$RSarray[1]."</TD>");
print("</TR>\n");
}
print("</TABLE>\n");
?>
------------------------------------------------------------------------
[2002-01-25 12:38:42] [EMAIL PROTECTED]
I can provide the data that failed here :
http://www.eksperten.dk/bug.phtml
Is that ok, otherwise let me know !
------------------------------------------------------------------------
[2002-01-25 11:54:03] [EMAIL PROTECTED]
Can you supply some (malicious) sample data (in- and output of
(un)serialize) along with a simple samplescript?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/?id=15220
Edit this bug report at http://bugs.php.net/?id=15220&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
