Mantis - Quercus
Viewing Issue Advanced Details
5511 major always 08-28-13 13:22 08-28-13 13:22
new 4.0.36  
0005511: unserialize() fails with IOException when unserializing PHP class the implements Serializabe
When I attempt to unserialize objects that implement the PHP Serializable interface Quercus throws: option not recognized 'C'
                          at com.caucho.quercus.lib.UnserializeReader.unserialize(
                           at com.caucho.quercus.lib.VariableModule.unserialize(
                           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                           at sun.reflect.NativeMethodAccessorImpl.invoke(
                           at sun.reflect.DelegatingMethodAccessorImpl.invoke(
                           at java.lang.reflect.Method.invoke(
                           at com.caucho.quercus.module.StaticFunction.invoke(
                           at com.caucho.quercus.env.JavaInvoker.callJavaMethod(
                           at com.caucho.quercus.env.JavaInvoker.callMethod(
                           at com.caucho.quercus.expr.CallExpr.evalImpl(
                           at com.caucho.quercus.expr.CallExpr.evalCopy(
                           at com.caucho.quercus.expr.Expr.evalAssignValue(
                           at com.caucho.quercus.expr.BinaryAssignExpr.eval(
                           at com.caucho.quercus.expr.Expr.evalTop(
                           at com.caucho.quercus.statement.ExprStatement.execute(
                           at com.caucho.quercus.statement.BlockStatement.execute(
                           at com.caucho.quercus.statement.TryStatement.execute(

I looked at the UnserializeReader.unserialize(...) method and the case statement does not account for 'C' as the leading character of the serialized string. The PHP doc on the Serializable interface ( [^] shows that this is a valid leading character.

The serialized objects were written to disk using PHP 5.3.

There are no notes attached to this issue.