ID: 31169
User updated by: michael at digitalgnosis dot com
Reported By: michael at digitalgnosis dot com
-Status: Feedback
+Status: Open
Bug Type: Strings related
Operating System: Linux
PHP Version: 5.0.3
New Comment:
Something in Marcus' changes to unserialize() between versions 5.0.2
and 5.0.3 broke it. The 'code sample' is simply: unserialize($data)
where $data is a 6.4MB serialized array. I can't provide the contents
of $data but it's evident that unserialize() never returns. PHP does
not seg fault.
Previous Comments:
[2004-12-18 14:52:58] [EMAIL PROTECTED]
Please, provide more information. It would be very helpful if you also
provide a short but complete reproduce script and a link to your data.
Just stating that something is broken doesn't help much as it does work
fine for all of us. Thanks in advance.
[2004-12-18 11:13:20] michael at digitalgnosis dot com
Tested 5.0.x and 5.1.x snapshots; broken there too. Code runs unchanged
in 4.3.0.
[2004-12-18 03:14:07] [EMAIL PROTECTED]
Also, please try a pure build from http://www.php.net/downloads.php and
thank you.
[2004-12-18 03:12:48] [EMAIL PROTECTED]
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php
If you can provide more information, feel free to add it
to this bug and change the status back to Open.
Thank you for your interest in PHP.
[2004-12-18 03:06:07] michael at digitalgnosis dot com
Description:
unserialize() call which works under 4.3.0 and 5.0.2-1 is now broken
under 5.0.3-1 (script hangs until max execution time). I'm using the
dotdeb.org package so they might be responsible, however the changelog
for 5.0.3 mentions the following update:
Fixed potential problems with unserializing invalid serialize data.
(Marcus)
The data being unserialized is about 6.4MB.
Reproduce code:
---
unserialize(file_get_contents('sixmegfile.dat'));
--
Edit this bug report at http://bugs.php.net/?id=31169edit=1