[PHP-DEV] serializer bug (testcase included) From: André Langhorst (waldschrott <email protected>)
Date: 12/04/00

hi (stas),

I've worked again to figure out what happens with the serializer, the
problem does not seem to be serialization, it serailizes correctly! The
problem lies somewhere at object reconstruction, there's a 0.18%
difference between the "original serialized" and the "reconstructed and
again serialized" object

the object is attached in test.zip, decompress into the folder where you
want to try my testcase

It does the following things
a) search and create all classes the to-reconstruct-object needs
b) unserialize object
c) var_dump() the should-be object "BildURL" (contained in $dao), as you
can see the output is "2000-12-10 00:00:00" and if you analyze test.ser
file you'll realize that this should not have happen this way, it's
similar with other objects
d) well, as objects have been reconstructed as other stuff, there's no
chance to get_class() them
e) final tests, 1) newly serialized object == orignial serialized object
=> NO, 2) how similar are they (ca. 99.82%)

<?php
// create all needed classes for serialized object
$f=fopen('test.ser','r');
$x=fread($f,10000000);
$offset=0;
while (($pos=strpos($x,'O:',$offset))!==FALSE) {
        $pos2=strpos($x,':"',$pos+2);
        $pos3=strpos($x,'":',$pos2);
        $n=substr($x,$pos2+2,$pos3-$pos2-2);
        if ($n!=NULL && $n!='stdClass') $l[$n]=NULL;
        $offset=$pos3+2; }
foreach ($l AS $classname => $null)
        $eval.='class '.$classname.' {};'."\n";

eval($eval);

// create all needed classes for serialized object
$dao=unserialize($x);
echo var_dump($dao->BildURL);
echo get_class($dao->Messelink);
echo get_class($dao->BildURL);
$b=serialize($dao);
echo $b==$x;
similar_text($b,$x,$perc);
echo "<BR>$perc<BR>";
?>

I hope this is enough information, the original code is almost
impossible to serialize

regards,
andré 

-- 
· André Langhorst       · t: +49 571 3201801 ·
· waldschrott <email protected>   · m: +49 173 9558736 ·
· PHP Quality Assurance · http://qa.php.net  ·
  • application/x-zip-compressed attachment: test.zip 

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>