Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:118683 Return-Path: <tim@bastelstu.be> Delivered-To: mailing list internals@lists.php.net Received: (qmail 5121 invoked from network); 21 Sep 2022 16:10:38 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 21 Sep 2022 16:10:38 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 038281804A9 for <internals@lists.php.net>; Wed, 21 Sep 2022 09:10:38 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS24940 176.9.0.0/16 X-Spam-Virus: No X-Envelope-From: <tim@bastelstu.be> Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for <internals@lists.php.net>; Wed, 21 Sep 2022 09:10:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be; s=mail20171119; t=1663776636; bh=nlnADSCIq901KaMHHf/MCLN1Z61AtVH7ICWSVXazTI8=; h=Date:Subject:From:To:Cc:References:In-Reply-To:From; b=nkT/WEoxm51AW1EpZOjlHbSpy/9fA7ko1X3eT0/8CUP9mL8V2u47AdJV2VGaGkgsy eKzIPQ+anH8R2qHitAg8EJvw4ztx6mb53YbMfhxBHFTMqlJSaAA0axdkaR0jg0hXKb tyjix3gKicD6P92VZHChbUAJJEnH4Xe92pYiX9gk0faseC9vMfK/Yxiwn12pos1Zpo R9dPJGd01ZKZC2ElmcT2fc3tVCqt7ZdwniplAJfPl5Rg5faalw6/KWFrt83G/KQS7b qc5ASgHv4MPi9nZ8ghThA/cBvaTJeq8zojmclPstO0gL1A1uK22UV7Sc2L4ypAQ6jU B3pN4swwhtGRw== Message-ID: <a81f09a3-0f3d-86a5-b9b4-a097ce49da28@bastelstu.be> Date: Wed, 21 Sep 2022 18:10:36 +0200 MIME-Version: 1.0 Content-Language: en-US To: Nicolas Grekas <nicolas.grekas+php@gmail.com> Cc: internals@lists.php.net References: <530b3a9d-0ee4-6061-8c69-df672d238032@bastelstu.be> <CAOWwgpnQuRMv4Uv=bM+QNBPeUC8BCk4f1kYOcg8EUrYD1WoRzQ@mail.gmail.com> <51a57a4d-ccb5-a581-205e-e2684e4db8c8@bastelstu.be> <CAOWwgp=W94c4Vzkn7HZkzWESjaE6bm8yCUGTD1+X1eiHQsCTjw@mail.gmail.com> <81f1ceb4-1086-3f1a-942d-aebbb5c2712f@bastelstu.be> <CAOWwgpko4i=Af6ybAy+p5N7zEjGnWhh+ZCxYy6=nJ7J7k+KJVw@mail.gmail.com> <94b9c2ab-70d5-48e1-50f8-409a3073023a@bastelstu.be> In-Reply-To: <94b9c2ab-70d5-48e1-50f8-409a3073023a@bastelstu.be> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [PHP-DEV] RFC [Discussion]: Improve unserialize() error handling From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=c3=bcsterhus?=) Hi On 9/20/22 21:24, Tim Düsterhus wrote: > My understanding is that this attempts to gracefully handle broken cache > entries and force a rebuild if the payload is invalid. > > This will fail if the serialized payload contains a malformed > DateTimeImmutable, because DateTimeImmutable will throw an Error, > instead of Exception: https://3v4l.org/eB5ZE. The 'catch' should likely > be adjusted to catch '\Throwable'. > To add onto this: "An Error could be thrown" might also happen with a PHP 8.2 readonly class that later removes a property. As the property no longer exists on the class it will be considered a dynamic property which is disallowed on readonly classes, thus throwing an 'Error', not 'Exception' during unserialization: https://3v4l.org/Xsmfu Best regards Tim Düsterhus