Mantis - Quercus
Viewing Issue Advanced Details
3329 minor always 02-09-09 01:12 02-09-09 06:55
closed 3.2.1  
none 4.0.0  
0003329: unserialize crashes with Java exception under certain circumstances
When unserialize() is given a broken serialized string, mod_php consistently returns FALSE. However Quercus in the same situation frequently crashes with a Java exception.

For instance this call crashes Quercus:
unserialize('s:20:"a string";');

Note the small attachment to this report for a slightly more detailed understanding.

Please note that the problem doesn't seem to be limited to plain strings only but also to arrays as well as strings nested in them.

At the moment as a workaround the fully-compatible "correct" behaviour can be emulated by coding like this:

$unserialized_result=unserialize($string); // version that may crash

=> has to become:

catch (Exception $e)

However, this is obviously not a preferred long-term approach.

I'd like to point out that the problem is more than just academic. One of the latest versions of Drupal "installs" such invalid serialized strings in the database, perhaps due to some misconceptions about character encodings (i.e. when an UTF-8-encoded string gets serialized using a different encoding, strings lengths may differ later on). In any case I recommend fixing the issue.

I'd also like to mention again that I recently reported another issue in connection with serialize()/unserialize() (0003307) that you might want to solve right away in the course of anyways touching serialize() and unserialize().
 unserialize_bug_demo.php [^] (346 bytes) 02-09-09 01:12

02-09-09 06:55   

Fixed for 4.0.

Thanks for the report. To expedite things, please include the stack trace in future reports.