From: Thies C. Arntzen <thies@php.net>
Date: Sat, 1 Dec 2001 15:06:37 +0000 (+0000)
Subject: serialized data would be incoorect if __sleep() returned a variable-name
X-Git-Tag: ChangeLog~205
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7ff5198c5314274189917acde7659d8571b5a802;p=php

serialized data would be incoorect if __sleep() returned a variable-name
which is non-existant in the object.
submitted by: Bernd Roemer <berndr@bonn.edu>
---

diff --git a/ext/standard/tests/serialize/002.phpt b/ext/standard/tests/serialize/002.phpt
new file mode 100644
index 0000000000..30de5fa621
--- /dev/null
+++ b/ext/standard/tests/serialize/002.phpt
@@ -0,0 +1,34 @@
+--TEST--
+serialize() (Bug #14293)
+--POST--
+--GET--
+--FILE--
+<?php 
+class t
+{
+	function t()
+	{
+		$this->a = 'hello';
+	}
+
+	function __sleep()
+	{
+		echo "__sleep called\n";
+		return array('a','b');
+	}	
+}
+
+$t = new t();
+$data = serialize($t);
+echo "$data\n";
+$t = unserialize($data);
+var_dump($t);
+
+?>
+--EXPECT--
+__sleep called
+O:1:"t":1:{s:1:"a";s:5:"hello";}
+object(t)(1) {
+  ["a"]=>
+  string(5) "hello"
+}
diff --git a/ext/standard/var.c b/ext/standard/var.c
index 5e865cf29c..52c6c1f81f 100644
--- a/ext/standard/var.c
+++ b/ext/standard/var.c
@@ -199,25 +199,24 @@ static void php_var_serialize_class(smart_str *buf, zval **struc, zval *retval_p
 
 	php_var_serialize_class_name(buf, struc TSRMLS_CC);
 
-	smart_str_append_long(buf, count);
-	smart_str_appendl(buf, ":{", 2);
-
 	if (count > 0) {
 		char *key;
 		zval **d, **name;
 		ulong index;
 		HashPosition pos;
 		int i;
-
-		zend_hash_internal_pointer_reset_ex(HASH_OF(retval_ptr), &pos);
+		int cundef;
+		smart_str buf2={0};
 	
+		cundef=0;
+		zend_hash_internal_pointer_reset_ex(HASH_OF(retval_ptr), &pos);
 		for (;; zend_hash_move_forward_ex(HASH_OF(retval_ptr), &pos)) {
 			i = zend_hash_get_current_key_ex(HASH_OF(retval_ptr), &key, NULL, 
 					&index, 0, &pos);
 			
 			if (i == HASH_KEY_NON_EXISTANT)
 				break;
-
+			
 			zend_hash_get_current_data_ex(HASH_OF(retval_ptr), 
 					(void **) &name, &pos);
 
@@ -230,12 +229,20 @@ static void php_var_serialize_class(smart_str *buf, zval **struc, zval *retval_p
 
 			if (zend_hash_find(Z_OBJPROP_PP(struc), Z_STRVAL_PP(name), 
 						Z_STRLEN_PP(name) + 1, (void *) &d) == SUCCESS) {
-				php_var_serialize_string(buf, Z_STRVAL_PP(name), 
+				php_var_serialize_string(&buf2, Z_STRVAL_PP(name), 
 						Z_STRLEN_PP(name));
-				php_var_serialize_intern(buf, d, var_hash TSRMLS_CC);	
+				php_var_serialize_intern(&buf2, d, var_hash TSRMLS_CC);	
+			} else {
+				cundef++;	
 			}
 		}
+		smart_str_append_long(buf, count-cundef);
+		smart_str_appendl(buf, ":{", 2);			
+		smart_str_appendl(buf,buf2.c,buf2.len);
+		smart_str_free(&buf2);
 	}
+	
+
 	smart_str_appendc(buf, '}');
 }