summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS2
-rw-r--r--ext/standard/tests/serialize/bug70436.phpt (renamed from ext/standard/tests/strings/bug70436.phpt)4
2 files changed, 2 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 17c1b81781..3e208f16ac 100644
--- a/NEWS
+++ b/NEWS
@@ -16,7 +16,7 @@ PHP NEWS
non-blocking). (Nikita)
- GMP:
- . Fixed bug #76470 (Integer Underflow when unserializing GMP and possible
+ . Fixed bug #74670 (Integer Underflow when unserializing GMP and possible
other classes). (Nikita)
- intl:
diff --git a/ext/standard/tests/strings/bug70436.phpt b/ext/standard/tests/serialize/bug70436.phpt
index 7d6d0f18d9..8b0df73d60 100644
--- a/ext/standard/tests/strings/bug70436.phpt
+++ b/ext/standard/tests/serialize/bug70436.phpt
@@ -25,7 +25,7 @@ $fakezval .= "\x01";
$fakezval .= "\x00";
$fakezval .= "\x00\x00";
-$inner = 'C:3:"obj":3:{ryat';
+$inner = 'C:3:"obj":3:{rya}';
$exploit = 'a:4:{i:0;i:1;i:1;C:3:"obj":'.strlen($inner).':{'.$inner.'}i:2;s:'.strlen($fakezval).':"'.$fakezval.'";i:3;R:5;}';
$data = unserialize($exploit);
@@ -48,8 +48,6 @@ DONE
--EXPECTF--
Notice: unserialize(): Error at offset 0 of 3 bytes in %sbug70436.php on line %d
-Notice: unserialize(): Error at offset 16 of 17 bytes in %sbug70436.php on line %d
-
Notice: unserialize(): Error at offset 93 of 94 bytes in %sbug70436.php on line %d
bool(false)
DONE
View Lorry Controller Status