archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
php-src/ext/spl/tests/unserialize_errors.phpt
Alex Dowad 0d11d37357 Fix bug #67369 ArrayObject serializatino drops the iterator class 
When ArrayObject is round-tripped through serialize() and unserialize(),
it forgets any iterator class name which was set using ::setIteratorClass().
Fix that.
2020-04-20 11:55:18 +02:00

163 lines
4 KiB
PHP
Raw Permalink Blame History

--TEST--
Errors from __unserialize() with invalid data
--FILE--
<?php
echo "ArrayObject:\n";
try {
// empty array
unserialize('O:11:"ArrayObject":0:{}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:11:"ArrayObject":3:{i:0;b:1;i:1;a:0:{}i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:11:"ArrayObject":3:{i:0;i:0;i:1;a:0:{}i:2;i:0;}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:11:"ArrayObject":3:{i:0;i:0;i:1;i:0;i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
// iterator class name is not a string
unserialize('O:11:"ArrayObject":4:{i:0;i:0;i:1;i:0;i:2;a:0:{}i:3;i:0;}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:11:"ArrayObject":4:{i:0;i:0;i:1;a:2:{i:0;i:1;i:1;i:2;}i:2;a:0:{}i:3;s:11:"NonExistent";}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
class Existent {}
try {
unserialize('O:11:"ArrayObject":4:{i:0;i:0;i:1;a:2:{i:0;i:1;i:1;i:2;}i:2;a:0:{}i:3;s:8:"Existent";}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
echo "ArrayIterator:\n";
try {
unserialize('O:13:"ArrayIterator":0:{}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:13:"ArrayIterator":3:{i:0;b:1;i:1;a:0:{}i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:13:"ArrayIterator":3:{i:0;i:0;i:1;a:0:{}i:2;i:0;}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:13:"ArrayIterator":3:{i:0;i:0;i:1;i:0;i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
echo "SplDoublyLinkedList:\n";
try {
unserialize('O:19:"SplDoublyLinkedList":0:{}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:19:"SplDoublyLinkedList":3:{i:0;b:1;i:1;a:0:{}i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:19:"SplDoublyLinkedList":3:{i:0;i:0;i:1;a:0:{}i:2;i:0;}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:19:"SplDoublyLinkedList":3:{i:0;i:0;i:1;i:0;i:2;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
echo "SplObjectStorage:\n";
try {
unserialize('O:16:"SplObjectStorage":0:{}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:16:"SplObjectStorage":2:{i:0;i:0;i:1;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:16:"SplObjectStorage":2:{i:0;a:0:{}i:1;i:1;}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:16:"SplObjectStorage":2:{i:0;a:1:{i:0;i:0;}i:1;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
try {
unserialize('O:16:"SplObjectStorage":2:{i:0;a:2:{i:0;i:0;i:1;i:0;}i:1;a:0:{}}');
} catch (Exception $e) {
echo $e->getMessage(), "\n";
}
?>
--EXPECT--
ArrayObject:
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Passed variable is not an array or object
Incomplete or ill-typed serialization data
Cannot deserialize ArrayObject with iterator class 'NonExistent'; no such class exists
Cannot deserialize ArrayObject with iterator class 'Existent'; this class does not implement the Iterator interface
ArrayIterator:
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Passed variable is not an array or object
SplDoublyLinkedList:
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
SplObjectStorage:
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Incomplete or ill-typed serialization data
Odd number of elements
Non-object key
Reference in a new issue View git blame Copy permalink