php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-25 08:58:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ef114f94b95f45b33180c352cd20ef013d4f4e6c
archived-php-src/ext/standard/tests/strings/bug72433.phpt
T
Tim Düsterhus dd8de1e726 Promote unserialize() notices to warning (#9629) 
* Unserialize: Migrate "Unexpected end of serialized data" to E_WARNING

* Unserialize: Migrate "Error at offset %d of %d bytes" to E_WARNING

* Unserialize: Migrate "%s is returned from __sleep() multiple times" to E_WARNING

* Add NEWS for “Promote unserialize() notices to warning”
2022-11-15 19:36:38 +01:00

11 lines
341 B
PHP
Raw Blame History

--TEST--
Bug #72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
--FILE--
<?php
$serialized_payload = 'a:3:{i:0;r:1;i:1;r:1;i:2;C:11:"ArrayObject":19:{x:i:0;r:1;;m:a:0:{}}}';
var_dump(unserialize($serialized_payload));
?>
--EXPECTF--
Warning: unserialize(): Error at offset 13 of 69 bytes in %s on line %d
bool(false)
Reference in New Issue View Git Blame Copy Permalink