Bug #53437 [Asn]: Crash when using unserialized DatePeriod instance
Edit report at https://bugs.php.net/bug.php?id=53437edit=1 ID: 53437 Updated by: a...@php.net Reported by:from dot php dot net at brainbox dot cz Summary:Crash when using unserialized DatePeriod instance Status: Assigned Type: Bug Package:Date/time related Operating System: Windows XP SP3 PHP Version:5.3.3 Assigned To:derick Block user comment: N Private report: N New Comment: Here's the corresponding BT on windows, php5.dll!timelib_time_clone(timelib_time * orig) Line 52C php5.dll!date_period_it_rewind(_zend_object_iterator * iter) Line 1910C php5.dll!ZEND_FE_RESET_SPEC_CV_HANDLER(_zend_execute_data * execute_data) Line 22777C php5.dll!execute(_zend_op_array * op_array) Line 107C php5.dll!zend_execute_scripts(int type, _zval_struct * * retval, int file_count, ...) Line 1259C php5.dll!php_execute_script(_zend_file_handle * primary_file) Line 2316C php.exe!00b3246e()Unknown [Frames below may be incorrect and/or missing, no symbols loaded for php.exe] ntdll.dll!_RtlpHeapFindListLookupEntry@20()Unknown ntdll.dll!_RtlpFindEntry@8()Unknown 024d2608()Unknown msvcr90.dll!__getptd_noexit()Unknown msvcr90.dll!__getptd()Unknown msvcr90.dll!_LocaleUpdate::_LocaleUpdate(struct localeinfo_struct *)Unknown msvcr90.dll!__ismbcalpha()Unknown msvcr90.dll!__ismbblead()Unknown msvcr90.dll!__lock()Unknown msvcr90.dll!__setargv()Unknown msvcr90.dll!___getmainargs()Unknown php.exe!00b32ca6()Unknown php.exe!00b32dca()Unknown kernel32.dll!@BaseThreadInitThunk@12()Unknown ntdll.dll!___RtlUserThreadStart@8()Unknown ntdll.dll!__RtlUserThreadStart@8()Unknown Previous Comments: [2011-12-21 15:10:35] tony2...@php.net @Cataphrac (the Date(Period|Interval) serialization patch is here btw: http://nebm.ist.utl.pt/~glopes/misc/date_period_interval_ser.diff ) [2011-12-06 06:07:24] der...@php.net Automatic comment from SVN on behalf of derick Revision: http://svn.php.net/viewvc/?view=revisionamp;revision=320479 Log: - Added a test case for #53437. [2011-01-09 06:00:35] cataphr...@php.net Reassigning to Derick, as the patch I've written is under his consideration. [2010-12-01 21:50:03] fel...@php.net Duplicated of #52113 [2010-12-01 17:15:05] from dot php dot net at brainbox dot cz Description: DatePeriod class does not have the serialization/unserialization logic implemented. Therefore, when unserialized instance is used, script crashes. This is result of serializing the DatePeriod instance: O:10:DatePeriod:0:{} unserialize() wents fine as well, but when I call foreach() on unserialized instance, the script crashes. Test script: --- $dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); echo Original:\r\n; foreach($dp as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } echo \r\n; $ser = serialize($dp); // $ser is: O:10:DatePeriod:0:{} // Create dangerous instance $dpu = unserialize($ser); // $dpu has invalid values⦠echo Unserialized:\r\n; // â¦which leads to CRASH: foreach($dpu as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } Expected result: Original: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Unserialized: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Actual result: -- PHP crashes on the unserialize line. -- Edit this bug report at https://bugs.php.net/bug.php?id=53437edit=1
Bug #53437 [Asn]: Crash when using unserialized DatePeriod instance
Edit report at https://bugs.php.net/bug.php?id=53437edit=1 ID: 53437 Updated by: tony2...@php.net Reported by:from dot php dot net at brainbox dot cz Summary:Crash when using unserialized DatePeriod instance Status: Assigned Type: Bug Package:Date/time related Operating System: Windows XP SP3 PHP Version:5.3.3 Assigned To:derick Block user comment: N Private report: N New Comment: @Cataphrac (the Date(Period|Interval) serialization patch is here btw: http://nebm.ist.utl.pt/~glopes/misc/date_period_interval_ser.diff ) Previous Comments: [2011-12-06 06:07:24] der...@php.net Automatic comment from SVN on behalf of derick Revision: http://svn.php.net/viewvc/?view=revisionamp;revision=320479 Log: - Added a test case for #53437. [2011-01-09 06:00:35] cataphr...@php.net Reassigning to Derick, as the patch I've written is under his consideration. [2010-12-01 21:50:03] fel...@php.net Duplicated of #52113 [2010-12-01 17:15:05] from dot php dot net at brainbox dot cz Description: DatePeriod class does not have the serialization/unserialization logic implemented. Therefore, when unserialized instance is used, script crashes. This is result of serializing the DatePeriod instance: O:10:DatePeriod:0:{} unserialize() wents fine as well, but when I call foreach() on unserialized instance, the script crashes. Test script: --- $dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); echo Original:\r\n; foreach($dp as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } echo \r\n; $ser = serialize($dp); // $ser is: O:10:DatePeriod:0:{} // Create dangerous instance $dpu = unserialize($ser); // $dpu has invalid values⦠echo Unserialized:\r\n; // â¦which leads to CRASH: foreach($dpu as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } Expected result: Original: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Unserialized: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Actual result: -- PHP crashes on the unserialize line. -- Edit this bug report at https://bugs.php.net/bug.php?id=53437edit=1
Bug #53437 [Asn]: Crash when using unserialized DatePeriod instance
Edit report at http://bugs.php.net/bug.php?id=53437edit=1 ID: 53437 Updated by: cataphr...@php.net Reported by:from dot php dot net at brainbox dot cz Summary:Crash when using unserialized DatePeriod instance Status: Assigned Type: Bug Package:Date/time related Operating System: Windows XP SP3 PHP Version:5.3.3 -Assigned To:cataphract +Assigned To:derick Block user comment: N Private report: N New Comment: Reassigning to Derick, as the patch I've written is under his consideration. Previous Comments: [2010-12-01 21:50:03] fel...@php.net Duplicated of #52113 [2010-12-01 17:15:05] from dot php dot net at brainbox dot cz Description: DatePeriod class does not have the serialization/unserialization logic implemented. Therefore, when unserialized instance is used, script crashes. This is result of serializing the DatePeriod instance: O:10:DatePeriod:0:{} unserialize() wents fine as well, but when I call foreach() on unserialized instance, the script crashes. Test script: --- $dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); echo Original:\r\n; foreach($dp as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } echo \r\n; $ser = serialize($dp); // $ser is: O:10:DatePeriod:0:{} // Create dangerous instance $dpu = unserialize($ser); // $dpu has invalid values⦠echo Unserialized:\r\n; // â¦which leads to CRASH: foreach($dpu as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } Expected result: Original: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Unserialized: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Actual result: -- PHP crashes on the unserialize line. -- Edit this bug report at http://bugs.php.net/bug.php?id=53437edit=1
Bug #53437 [Asn]: Crash when using unserialized DatePeriod instance
Edit report at http://bugs.php.net/bug.php?id=53437edit=1 ID: 53437 Updated by: fel...@php.net Reported by:from dot php dot net at brainbox dot cz Summary:Crash when using unserialized DatePeriod instance Status: Assigned Type: Bug Package:Date/time related Operating System: Windows XP SP3 PHP Version:5.3.3 Assigned To:cataphract Block user comment: N Private report: N New Comment: Duplicated of #52113 Previous Comments: [2010-12-01 17:15:05] from dot php dot net at brainbox dot cz Description: DatePeriod class does not have the serialization/unserialization logic implemented. Therefore, when unserialized instance is used, script crashes. This is result of serializing the DatePeriod instance: O:10:DatePeriod:0:{} unserialize() wents fine as well, but when I call foreach() on unserialized instance, the script crashes. Test script: --- $dp = new DatePeriod(new DateTime('2010-01-01 UTC'), new DateInterval('P1D'), 2); echo Original:\r\n; foreach($dp as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } echo \r\n; $ser = serialize($dp); // $ser is: O:10:DatePeriod:0:{} // Create dangerous instance $dpu = unserialize($ser); // $dpu has invalid values⦠echo Unserialized:\r\n; // â¦which leads to CRASH: foreach($dpu as $dt) { echo $dt-format('Y-m-d H:i:s').\r\n; } Expected result: Original: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Unserialized: 2010-01-01 00:00:00 2010-01-02 00:00:00 2010-01-03 00:00:00 Actual result: -- PHP crashes on the unserialize line. -- Edit this bug report at http://bugs.php.net/bug.php?id=53437edit=1