Bug #63481 [Com]: Segmentation fault caused by unserialize()

Mon, 12 Nov 2012 04:30:00 -0800 

Edit report at https://bugs.php.net/bug.php?id=63481&edit=1

 ID:                 63481
 Comment by:         aurelijus at astdev dot lt
 Reported by:        aurelijus at astdev dot lt
 Summary:            Segmentation fault caused by unserialize()
 Status:             Assigned
 Type:               Bug
 Package:            Reproducible crash
 Operating System:   RHEL 6 & Mac OS X 10.7.4
 PHP Version:        5.4.8
 Assigned To:        mike
 Block user comment: N
 Private report:     N

 New Comment:

It might have been another php process, it might have been the same.
1. generate $object.
2. serialize $object.
3. save $string in php session (under /tmp)
/* might be different process from here, it did not really matter, 
segmenatation 
fault happend in both cases */
4. get $string from session
5. dumped to a file for debugging (optional)
6. unserialize($string)
7. segmenatation fault.


Previous Comments:
------------------------------------------------------------------------
[2012-11-12 02:51:46] larue...@php.net

did you generated the "serialize data" by two PHP process?


like:
1. serializer($xxx) then write to a temporary file like /tmp/xxx.txt
2. then in another PHP script, 
   $data[2]= file_get_contents("/tmp/xxx.txt");
  
then you got your serialization data by:
 $result = serialize($data);  ?

thanks

------------------------------------------------------------------------
[2012-11-11 16:52:42] aurelijus at astdev dot lt

Getting serialization code might be complicated, cause it's mostly 3rd pary 
framework code + DB, but I'll try.

String was generated with 5.4.8.

------------------------------------------------------------------------
[2012-11-11 08:41:52] m...@php.net

Please show the code, which does the 
serialisation.

Which PHP version did the serialisation?
Serialized strings are not portable 
between PHP versions, thea are just 
meant to be used as temporary 
representation.

------------------------------------------------------------------------
[2012-11-11 07:45:16] larue...@php.net

mike,do you have time to look at this?

seems due to the unserialize hash level.

I tried BG(seralize_lock)++ before calling zend_user_unserliaze, the problem 
gone.

but that break test #63481.

I am keeping dig this, but  it's  better if you can look at this

------------------------------------------------------------------------
[2012-11-10 17:15:44] larue...@php.net

assigned by accident.

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=63481


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=63481&edit=1

Reply via email to