Newsgroups: php.internals
Date: Tue, 17 May 2005 20:25:59 +0200
Subject: Unserialize Bug
From: thekid@thekid.de ("Timm Friebe")

Hi,

unserialize() cannot unserialize objects whose names contain anything
except a-z, 0-9 and _, the parser allows those, though.

Example
=======
$ cat unserialize.php

Expected behaviour
==================
$ php unserialize.php
object(über)(0) {
}

Actual behaviour
================
$ php unserialize.php
bool(false)
PHP Notice: unserialize(): Error at offset 5 of 15 bytes in F:\Programme\cygwin\home\thekid\unserialize.php on line 4

Cause
=====
http://cvs.php.net/diff.php/php-src/ext/standard/var_unserializer.re?sa=1&r1=1.40&r2=1.41&ty=u

Fix
===
Allow anything the parser allows, [a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*

- Timm
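
Added example, not part of the original message and not PHP's own code: a small C model of the class-name check in an O:<len>:"<name>": header, run once with the character set the message says is accepted and once with the set it proposes. The function names and the sample payload are assumptions; the payload is constructed with "über" encoded as ISO-8859-1, because the test script is not reproduced above.

```c
#include <stdio.h>

/* Predicate: may byte c appear at index i of a class name? */
typedef int (*name_class)(unsigned char c, size_t i);

/* Assumption: the set the post says unserialize() accepts (a-z, 0-9, _). */
static int narrow_ok(unsigned char c, size_t i) {
    (void)i;
    return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '_';
}

/* The post's proposed set: [a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]* */
static int parser_ok(unsigned char c, size_t i) {
    if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || c == '_' || c >= 0x7f)
        return 1;
    return i > 0 && c >= '0' && c <= '9';
}

/* Walk the O:<len>:"<name>": header. Returns -1 if the header is accepted,
 * otherwise the byte offset at which scanning stopped. */
long check_object_header(const unsigned char *buf, size_t n, name_class ok) {
    size_t p = 2, len = 0;
    if (n < 2 || buf[0] != 'O' || buf[1] != ':') return 0;
    if (n < 3 || buf[2] < '0' || buf[2] > '9') return 2;
    while (p < n && buf[p] >= '0' && buf[p] <= '9') {
        len = len * 10 + (size_t)(buf[p++] - '0');
        if (len > n) return (long)p;          /* length cannot exceed input */
    }
    if (p + 1 >= n || buf[p] != ':' || buf[p + 1] != '"') return (long)p;
    p += 2;
    if (len == 0 || len > n - p) return (long)p;
    for (size_t i = 0; i < len; i++)
        if (!ok(buf[p + i], i)) return (long)(p + i);
    p += len;
    if (p + 1 >= n || buf[p] != '"' || buf[p + 1] != ':') return (long)p;
    return -1;
}

/* Constructed sample: class "über" in ISO-8859-1 (0xFC), 15 bytes total. */
static const unsigned char SAMPLE[] = "O:4:\"\xfc" "ber\":0:{}";

int main(void) {
    size_t n = sizeof SAMPLE - 1;
    printf("narrow: offset %ld of %zu bytes; parser set: %ld (-1 = accepted)\n",
           check_object_header(SAMPLE, n, narrow_ok), n,
           check_object_header(SAMPLE, n, parser_ok));
    return 0;
}
```

On the constructed 15-byte payload the narrow set stops at offset 5, the 0xFC byte, which lines up with the offset and length in the notice quoted above; the proposed set accepts the header.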