mirror of
https://github.com/php/php-src.git
synced 2024-09-23 19:07:26 +00:00
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4: added a test to cover distinction between boolean return value of unserialize function and deserializing serialized boolean
This commit is contained in:
commit
b8b92bd790
52
ext/standard/tests/serialize/serialization_error_002.phpt
Normal file
52
ext/standard/tests/serialize/serialization_error_002.phpt
Normal file
@ -0,0 +1,52 @@
|
||||
--TEST--
|
||||
Test unserialize(): error is indistinguishable from deserialized boolean
|
||||
--FILE--
|
||||
<?php
|
||||
/* Prototype : proto string serialize(mixed variable)
|
||||
* Description: Returns a string representation of variable (which can later be unserialized)
|
||||
* Source code: ext/standard/var.c
|
||||
* Alias to functions:
|
||||
*/
|
||||
/* Prototype : proto mixed unserialize(string variable_representation)
|
||||
* Description: Takes a string representation of variable and recreates it
|
||||
* Source code: ext/standard/var.c
|
||||
* Alias to functions:
|
||||
*/
|
||||
|
||||
echo "*** Testing unserialize() error/boolean distinction ***\n";
|
||||
|
||||
$garbage = "obvious non-serialized data";
|
||||
$serialized_false = serialize(false);
|
||||
|
||||
var_dump($serialized_false);
|
||||
|
||||
$deserialized_garbage = unserialize($garbage);
|
||||
var_dump($deserialized_garbage);
|
||||
|
||||
$deserialized_false = unserialize($serialized_false);
|
||||
var_dump($deserialized_false);
|
||||
|
||||
echo "unserialize error and deserialized false are identical? " . (bool) ($deserialized_false == $deserialized_garbage) . "\n";
|
||||
|
||||
// candidate safe idiom for determining whether data is serialized
|
||||
function isSerialized($str) {
|
||||
return ($str == serialize(false) || @unserialize($str) !== false);
|
||||
}
|
||||
|
||||
// Test unserialize error idiom
|
||||
var_dump(isSerialized($garbage));
|
||||
var_dump(isSerialized($serialized_false));
|
||||
|
||||
echo "Done";
|
||||
?>
|
||||
--EXPECTF--
|
||||
*** Testing unserialize() error/boolean distinction ***
|
||||
string(4) "b:0;"
|
||||
|
||||
Notice: unserialize(): Error at offset 0 of 27 bytes in %s/serialization_error_002.php on line 20
|
||||
bool(false)
|
||||
bool(false)
|
||||
unserialize error and deserialized false are identical? 1
|
||||
bool(false)
|
||||
bool(true)
|
||||
Done
|
Loading…
Reference in New Issue
Block a user