Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:119945
Return-Path: <tim@bastelstu.be>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 83658 invoked from network); 12 Apr 2023 08:00:01 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 12 Apr 2023 08:00:01 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 7A846180084
	for <internals@lists.php.net>; Wed, 12 Apr 2023 01:00:00 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS24940 176.9.0.0/16
X-Spam-Virus: No
X-Envelope-From: <tim@bastelstu.be>
Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed, 12 Apr 2023 00:59:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be;
	s=mail20171119; t=1681286398;
	bh=e9GCRgOUBhrURxueL8u23NC7Qi8giZzSzObG2qdh6ag=;
	h=Message-ID:Date:MIME-Version:To:From:Subject:Content-Type:from:to:
	 cc:subject:message-id;
	b=hfpwGR3HBeeT39MgYJN4uMujzgwkwWJvz0Xfn0fiFedV47hEuhlG7gGjdULq9NkBf
	 kwQCIHU1CsoYZGF00qsmbZDigVO1Yb0i59ydrOeYdl1O0PsyImxar/6J5h6SCgT5sJ
	 wkm2pZxaqKdh+s58sMhwMoORBqd4K0dbaC4PGXUyzTBsWZ/ysE7wX12zXzopErCet4
	 co70m//a+ViXs/glexFvz39b6oixF5deAdi/OMZbY1s7i9NvwBvaL5XPhYY3I2ovWl
	 XR9TPMcvbHE0U3pwJuc8jL1/CcAqHIGN+tYL73y4sLFGxwPiy5xPF/oA4I0KTWzgJy
	 KtQefun4+Tk2g==
Message-ID: <91d716c6-8136-cd54-8d13-209fe28a2ebb@bastelstu.be>
Date: Wed, 12 Apr 2023 09:59:57 +0200
MIME-Version: 1.0
Content-Language: en-US
To: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Subject: [VOTE] Make unserialize() emit a warning for trailing bytes
From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=c3=bcsterhus?=)

Hi

I just opened the vote for the "Make unserialize() emit a warning for 
trailing bytes" RFC. The RFC contains a single vote that requires a 2/3 
majority to pass. Voting runs 2 weeks until 2023-03-26 08:30 UTC.

Please find the following resources for your references:

RFC Text: https://wiki.php.net/rfc/unserialize_warn_on_trailing_data
PoC Implementation: https://github.com/php/php-src/pull/9630
Discussion Thread: https://externals.io/message/119745

Best regards
Tim Düsterhus