hphp/test/slow/unserialize-reference-overwritten.php

   1 <?hh
   2
   3 /*
   4  * This is unserializing an intentionally bad (but technically valid) string
   5  * to test that values that were overwritten during unserialization can still
   6  * be safely referenced with the R format.
   7  *
   8  * We may overwrite array elements (if have multiple entries with the same key)
   9  * and object properties (if we have multiple entries for the same property).
  10  *
  11  * If we overwrite these values, any reference to the element / property will
  12  * return the latest value, but we also have ref IDs for the old value as a
  13  * top-level item, so we can't destroy any values until the end.
  14  */
  15
  16 function test_overwritten_array_element($i) {
  17   var_dump(unserialize(
  18     'D:3:{' .
  19       's:1:"a";a:1:{' .
  20         'i:0;O:8:"stdClass":1:{' .
  21           's:1:"c";s:1:"d";' .
  22         '}' .
  23       '}' .
  24       's:1:"a";i:17;' .
  25       's:1:"b";R:'.$i.';' .
  26     '}'
  27   ));
  28 }
  29
  30 function test_overwritten_property_value($i) {
  31   var_dump(unserialize(
  32     'O:8:"stdClass":3:{' .
  33       's:1:"a";a:1:{' .
  34         'i:0;O:8:"stdClass":1:{' .
  35           's:1:"c";s:1:"d";' .
  36         '}' .
  37       '}' .
  38       's:1:"a";i:17;' .
  39       's:1:"b";R:'.$i.';' .
  40     '}'
  41   ));
  42 }
  43
  44 <<__EntryPoint>>
  45 function main() {
  46   for ($i = 1; $i < 6; $i++) {
  47     print("\n=================================\n");
  48     print("Iteration $i\n");
  49     test_overwritten_array_element($i);
  50     test_overwritten_property_value($i);
  51   }
  52 }