Annotation of embedaddon/php/ext/spl/tests/SplObjectStorage_unserialize_bad.phpt, revision 1.1.1.2
1.1 misho 1: --TEST--
2: SPL: Test that serialized blob contains unique elements (CVE-2010-2225)
3: --FILE--
4: <?php
5:
// Regression fixture for the SplObjectStorage unserializer (CVE-2010-2225, per the test title).
// Each blob is a hand-written serialized storage: a leading x:i:N; header, then
// "object,data;" pairs (dumped as "obj"/"inf" in --EXPECTF--), then the member array m:a:0:{}.
6: $badblobs = array(
// Case 1: the pairs start with integers (i:0;) rather than objects. Expected output is
// "Error at offset 6 of 34 bytes"; offset 6 is the first byte after the x:i:2; header.
7: 'x:i:2;i:0;,i:1;;i:0;,i:2;;m:a:0:{}',
// Case 2: the second pair's object slot is the reference token R:2;. Expected output is
// "Error at offset 46 of 89 bytes"; offset 46 is where R:2; begins.
1.1.1.2 ! misho 8: 'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};R:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
// Case 3: same layout with the back-reference token r:2; instead. This blob is accepted, and the
// expected dump holds 2 entries although the blob starts with x:i:3;, so the object that appears
// twice is stored once, which is the "unique elements" property named in the test title.
! 9: 'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};r:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
1.1 misho 10: );
// One pass per blob. The object handle numbers pinned in --EXPECTF-- (#1, #2, #3) depend on
// allocation order, so the statements below should not be reordered or hoisted.
11: foreach($badblobs as $blob) {
12: try {
// A new storage is created for every blob, so each case is parsed into an empty container.
13: $so = new SplObjectStorage();
14: $so->unserialize($blob);
// Reached only when the blob was accepted; the dump is matched against --EXPECTF--.
15: var_dump($so);
16: } catch(UnexpectedValueException $e) {
// A rejected blob prints only the exception message (the "Error at offset ..." lines).
17: echo $e->getMessage()."\n";
18: }
19: }
20: --EXPECTF--
21: Error at offset 6 of 34 bytes
22: Error at offset 46 of 89 bytes
23: object(SplObjectStorage)#2 (1) {
24: ["storage":"SplObjectStorage":private]=>
25: array(2) {
26: ["%s"]=>
27: array(2) {
28: ["obj"]=>
29: object(stdClass)#3 (0) {
30: }
31: ["inf"]=>
32: int(1)
33: }
34: ["%s"]=>
35: array(2) {
36: ["obj"]=>
37: object(stdClass)#1 (0) {
38: }
39: ["inf"]=>
1.1.1.2 ! misho 40: object(stdClass)#3 (0) {
1.1 misho 41: }
42: }
43: }
44: }
45: