--- /dev/null
+--TEST--
+No packed -> mixed reallocation while populating __unserialize() array
+--FILE--
+<?php
+
+$payload = 'O:13:"ArrayIterator":2:{i:0;i:0;s:1:"x";R:2;}';
+try {
+ var_dump(unserialize($payload));
+} catch (Exception $e) {
+ echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+Incomplete or ill-typed serialization data
}
array_init_size(&ary, elements);
+ /* Avoid reallocation due to packed -> mixed conversion. */
+ zend_hash_real_init_mixed(Z_ARRVAL(ary));
if (!process_nested_data(UNSERIALIZE_PASSTHRU, Z_ARRVAL(ary), elements, NULL)) {
ZVAL_DEREF(rval);
GC_ADD_FLAGS(Z_OBJ_P(rval), IS_OBJ_DESTRUCTOR_CALLED);