Created
June 1, 2017 09:53
--TEST--
Bug: When an object is unserialized inside the unserialize() method of a Serializable implementation, its __wakeup() method is called only _after_ the unserialize call has finished, leaving the object in an invalid (not yet woken-up) state during the unserialize call.
--FILE--
<?php | |
/**
 * Inner object of the reproduction.
 *
 * It carries no state; its only job is to print a marker from __wakeup()
 * so the test output shows at which point the hook actually runs.
 */
class Foo
{
    /**
     * Tells serialize() which properties to store: none.
     *
     * @return array
     */
    public function __sleep()
    {
        $propertyNames = [];

        return $propertyNames;
    }

    /**
     * Prints "Called Foo::__wakeup" followed by a newline.
     *
     * __wakeup() is the hook a class uses to restore its state after
     * unserialization, so the position of this line in the output is what
     * the test checks.
     */
    public function __wakeup()
    {
        echo 'Called ', __METHOD__, PHP_EOL;
    }
}
/**
 * Outer object of the reproduction: a Serializable wrapper around a Foo.
 *
 * Its unserialize() method calls the global unserialize() again, which is
 * the nested case the test is about.
 *
 * NOTE(review): on PHP 8.1+ a class that implements only \Serializable
 * (without __serialize()/__unserialize()) emits a deprecation notice, which
 * would also show up in the test output.
 */
class Bar implements \Serializable
{
    /** @var Foo wrapped object; the only state that is serialized */
    private $foo;

    /**
     * @param Foo $foo object to wrap
     */
    public function __construct(Foo $foo)
    {
        $this->foo = $foo;
    }

    /**
     * Returns the serialized form of the wrapped Foo.
     *
     * @return string
     */
    public function serialize()
    {
        $wrapped = $this->foo;

        return serialize($wrapped);
    }

    /**
     * Rebuilds the wrapped Foo from its serialized form.
     *
     * The two marker lines bracket the nested unserialize() call. The
     * expected output has Foo::__wakeup firing between them; per the bug
     * description it fires only later, so $this->foo has not been woken up
     * yet while this method is still running.
     *
     * In this test $serialized always originates from serialize() above.
     * Code that runs a nested unserialize() on data it did not produce
     * should restrict the classes it accepts (the allowed_classes option).
     *
     * @param string $serialized
     */
    public function unserialize($serialized)
    {
        echo 'unserialize Foo', PHP_EOL;
        $this->foo = unserialize($serialized);
        echo 'end unserialize Foo', PHP_EOL;
    }
}
// Round-trip a Bar wrapping a Foo. The serialized string is produced by this
// script itself, so no external data reaches unserialize().
$inner = new Foo();
$payload = serialize(new Bar($inner));

// Unserializing the payload runs Bar::unserialize(), which in turn
// unserializes the Foo and prints the lines the expectation checks.
$restored = unserialize($payload);
--EXPECTF--
unserialize Foo
Called Foo::__wakeup
end unserialize Foo