From: Nikita Popov <nikita.ppv@gmail.com>
Date: Sun, 12 Mar 2017 21:15:46 +0000 (+0100)
Subject: Fix __sleep() returning undefined declared properties
X-Git-Tag: php-7.2.0alpha1~272
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1e196110d3e1ef0b67597227dd01a7610d533a6a;p=php

Fix __sleep() returning undefined declared properties
---

diff --git a/ext/standard/tests/serialize/sleep_undefined_declared_properties.phpt b/ext/standard/tests/serialize/sleep_undefined_declared_properties.phpt
new file mode 100644
index 0000000000..ac33f4388c
--- /dev/null
+++ b/ext/standard/tests/serialize/sleep_undefined_declared_properties.phpt
@@ -0,0 +1,29 @@
+--TEST--
+__sleep() returning undefined declared properties
+--FILE--
+<?php
+
+class Test {
+    public $pub;
+    protected $prot;
+    private $priv;
+
+    public function __construct() {
+        unset($this->pub, $this->prot, $this->priv);
+    }
+
+    public function __sleep() {
+        return ['pub', 'prot', 'priv'];
+    }
+}
+
+var_dump(serialize(new Test));
+
+?>
+--EXPECTF--
+Notice: serialize(): "pub" returned as member variable from __sleep() but does not exist in %s on line %d
+
+Notice: serialize(): "prot" returned as member variable from __sleep() but does not exist in %s on line %d
+
+Notice: serialize(): "priv" returned as member variable from __sleep() but does not exist in %s on line %d
+string(53) "O:4:"Test":3:{s:3:"pub";N;s:4:"prot";N;s:4:"priv";N;}"
diff --git a/ext/standard/var.c b/ext/standard/var.c
index 1e1e94ac85..d6d17c2ec6 100644
--- a/ext/standard/var.c
+++ b/ext/standard/var.c
@@ -739,57 +739,65 @@ static void php_var_serialize_class(smart_str *buf, zval *struc, zval *retval_pt
 	propers = Z_OBJPROP_P(struc);
 
 	ZEND_HASH_FOREACH_STR_KEY(&names, name) {
+		zend_string *prot_name, *priv_name;
+
 		zval *val = zend_hash_find(propers, name);
 		if (val != NULL) {
 			if (Z_TYPE_P(val) == IS_INDIRECT) {
 				val = Z_INDIRECT_P(val);
 				if (Z_TYPE_P(val) == IS_UNDEF) {
-					continue;
+					goto undef_prop;
 				}
 			}
+
 			php_var_serialize_string(buf, ZSTR_VAL(name), ZSTR_LEN(name));
 			php_var_serialize_intern(buf, val, var_hash);
-		} else {
-			zend_string *prot_name, *priv_name;
-
-			priv_name = zend_mangle_property_name(
-					ZSTR_VAL(ce->name), ZSTR_LEN(ce->name), ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
-			val = zend_hash_find(propers, priv_name);
-			if (val != NULL) {
-				if (Z_TYPE_P(val) == IS_INDIRECT) {
-					val = Z_INDIRECT_P(val);
-					if (Z_ISUNDEF_P(val)) {
-						continue;
-					}
+			continue;
+		}
+
+		priv_name = zend_mangle_property_name(
+				ZSTR_VAL(ce->name), ZSTR_LEN(ce->name), ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
+		val = zend_hash_find(propers, priv_name);
+		if (val != NULL) {
+			if (Z_TYPE_P(val) == IS_INDIRECT) {
+				val = Z_INDIRECT_P(val);
+				if (Z_ISUNDEF_P(val)) {
+					zend_string_free(priv_name);
+					goto undef_prop;
 				}
-				php_var_serialize_string(buf, ZSTR_VAL(priv_name), ZSTR_LEN(priv_name));
-				zend_string_free(priv_name);
-				php_var_serialize_intern(buf, val, var_hash);
-				continue;
 			}
+
+			php_var_serialize_string(buf, ZSTR_VAL(priv_name), ZSTR_LEN(priv_name));
 			zend_string_free(priv_name);
-			prot_name = zend_mangle_property_name(
-					"*", 1, ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
-			val = zend_hash_find(propers, prot_name);
-			if (val != NULL) {
-				if (Z_TYPE_P(val) == IS_INDIRECT) {
-					val = Z_INDIRECT_P(val);
-					if (Z_TYPE_P(val) == IS_UNDEF) {
-						zend_string_free(prot_name);
-						continue;
-					}
+			php_var_serialize_intern(buf, val, var_hash);
+			continue;
+		}
+		zend_string_free(priv_name);
+
+		prot_name = zend_mangle_property_name(
+				"*", 1, ZSTR_VAL(name), ZSTR_LEN(name), ce->type & ZEND_INTERNAL_CLASS);
+		val = zend_hash_find(propers, prot_name);
+		if (val != NULL) {
+			if (Z_TYPE_P(val) == IS_INDIRECT) {
+				val = Z_INDIRECT_P(val);
+				if (Z_TYPE_P(val) == IS_UNDEF) {
+					zend_string_free(prot_name);
+					goto undef_prop;
 				}
-				php_var_serialize_string(buf, ZSTR_VAL(prot_name), ZSTR_LEN(prot_name));
-				zend_string_free(prot_name);
-				php_var_serialize_intern(buf, val, var_hash);
-				continue;
 			}
+
+			php_var_serialize_string(buf, ZSTR_VAL(prot_name), ZSTR_LEN(prot_name));
 			zend_string_free(prot_name);
-			php_var_serialize_string(buf, ZSTR_VAL(name), ZSTR_LEN(name));
-			php_var_serialize_intern(buf, &nval, var_hash);
-			php_error_docref(NULL, E_NOTICE,
-					"\"%s\" returned as member variable from __sleep() but does not exist", ZSTR_VAL(name));
+			php_var_serialize_intern(buf, val, var_hash);
+			continue;
 		}
+		zend_string_free(prot_name);
+
+undef_prop:
+		php_var_serialize_string(buf, ZSTR_VAL(name), ZSTR_LEN(name));
+		php_var_serialize_intern(buf, &nval, var_hash);
+		php_error_docref(NULL, E_NOTICE,
+				"\"%s\" returned as member variable from __sleep() but does not exist", ZSTR_VAL(name));
 	} ZEND_HASH_FOREACH_END();
 	smart_str_appendc(buf, '}');