clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 19:07:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-5.4' into PHP-5.5

Browse Source 
* PHP-5.4:
  added a test to cover distinction between boolean return value of unserialize function and deserializing serialized boolean
This commit is contained in:
Yasuo Ohgaki 2013-11-20 07:23:54 +09:00
commit b8b92bd790
1 changed files with 52 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
ext/standard/tests/serialize/serialization_error_002.phpt Normal file
View File

@ -0,0 +1,52 @@
--TEST--
Test unserialize(): error is indistinguishable from deserialized boolean
--FILE--
<?php
/* Prototype : proto string serialize(mixed variable)
* Description: Returns a string representation of variable (which can later be unserialized)
* Source code: ext/standard/var.c
* Alias to functions:
*/
/* Prototype : proto mixed unserialize(string variable_representation)
* Description: Takes a string representation of variable and recreates it
* Source code: ext/standard/var.c
* Alias to functions:
*/
echo "*** Testing unserialize() error/boolean distinction ***\n";
$garbage = "obvious non-serialized data";
$serialized_false = serialize(false);
var_dump($serialized_false);
$deserialized_garbage = unserialize($garbage);
var_dump($deserialized_garbage);
$deserialized_false = unserialize($serialized_false);
var_dump($deserialized_false);
echo "unserialize error and deserialized false are identical? " . (bool) ($deserialized_false == $deserialized_garbage) . "\n";
// candidate safe idiom for determining whether data is serialized
function isSerialized($str) {
return ($str == serialize(false) || @unserialize($str) !== false);
}
// Test unserialize error idiom
var_dump(isSerialized($garbage));
var_dump(isSerialized($serialized_false));
echo "Done";
?>
--EXPECTF--
*** Testing unserialize() error/boolean distinction ***
string(4) "b:0;"
Notice: unserialize(): Error at offset 0 of 27 bytes in %s/serialization_error_002.php on line 20
bool(false)
bool(false)
unserialize error and deserialized false are identical? 1
bool(false)
bool(true)
Done